cvelist / Apache / CVELIST:CVE-2022-43719
History: Jan 16, 2023 - 10:10 a.m.

CVE-2022-43719 Apache Superset: Cross Site Request Forgery (CSRF) on accept, request access API

2023-01-16 10:10:27
CWE-352
apache
www.cve.org
apache superset
cross site request forgery
csrf
rest api
vulnerability
version 1.5.2
version 2.0.0

AI Score: 8.8
Confidence: High

EPSS: 0.005
Percentile: 77.7%

Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Superset",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "2.0.1",
        "status": "affected",
        "version": "2.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "1.5.2",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]
