Apache · Apache Superset · CVE-2021-44451
**Name of the Vulnerable Software and Affected Versions**
Apache Superset versions up to and including 1.3.2
**Description**
The issue allows for the leak of registered database connections passwords to authenticated users. This information can be accessed in a non-trivial way.
**Recommendations**
For Apache Superset versions up to and including 1.3.2, upgrade to Apache Superset 1.4.0 or higher.