Ke Zhu

**Name of the Vulnerable Software and Affected Versions** Apache Superset versions up to and including 1.3.1 **Description** The issue allows for a database connections password leak for authenticated users. This information could be accessed in a non-trivial way. **Recommendations** For Apache Superset versions up to and including 1.3.1, update to a version later than 1.3.1 to prevent database connections password leaks.