Security Advisories

Security Advisories

Security Advisories

Clear Filters
93 results
Date
Type
Subject
Description
Products
September 7, 2023
Vulnerability
Server-side request forgery vulnerability which could allow a malicious actor to authenticate into instances of Tableau Server to access customers’ hosted data.
Tableau
July 17, 2023
Vulnerability
JavaScript vulnerability affecting the Salesforce tough-cookie open-source NPM project, which could allow a malicious actor to attach cookie data to a global namespace.
June 28, 2023
Security Update
Tableau Python Server (TabPy) installations may be configured to execute arbitrary python code without authentication. Products Affected: TabPy 2.8.0 and earlier.
Tableau
January 31, 2023
Process Update
Customers are no longer required to obtain prior approval before performing security assessments for Salesforce products.
October 14, 2022
Vulnerability
Issue affecting Tableau Server Administration Agent
Tableau
June 22, 2022
Vulnerability
Tableau Server logging Personal Access Tokens into internal log repositories
Tableau
May 23, 2022
Vulnerability
Broken access control vulnerability in Tableau Server
Tableau
March 30, 2022
Vulnerability
Spring4Shell vulnerability published in March 2022
ClickSoftware, Commerce Cloud, Experience Cloud, Heroku, Hyperforce, Marketing Cloud, MuleSoft, Pardot, Quip, Sales Cloud, Salesforce Einstein, Salesforce Platform, Service Cloud, Slack, Tableau
December 10, 2021
Vulnerability
Apache Log4j2 vulnerability published on December 10, 2021
ClickSoftware, Commerce Cloud, Experience Cloud, Heroku, Hyperforce, Marketing Cloud, MuleSoft, Pardot, Quip, Sales Cloud, Salesforce Einstein, Salesforce Platform, Service Cloud, Slack, Tableau
October 21, 2021
Vulnerability
Sensitive Information Exposure
Tableau
September 22, 2021
Vulnerability
Information Disclosure
Tableau
August 16, 2021
Security Notification
Oracle NetSuite and SAP SuccessFactors connectors used in Tableau Gallery may be storing sensitive data in a subset of Tableau On-Premise customers’ logging infrastructure  
July 28, 2021
Vulnerability
XML external entity (XXE) vulnerability in Mule runtime
MuleSoft
June 22, 2021
Vulnerability
Improper Data Cache Access Control When Using Initial SQL
Tableau