Uncontrolled Resource Consumption via Malicious ZIP Upload in Apache Superset

Uncontrolled Resource Consumption via Malicious ZIP Upload in Apache Superset

CVE-2023-46104 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets.   This vulnerability exists in Apache Superset versions up to and including 2.1.2 and versions 3.0.0, 3.0.1.

Learn more about our Cis Benchmark Audit For Apache Http Server.