Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43719

Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.

Published

2023-01-16T11:15:10.513

Last Modified

2025-04-07T15:15:40.867

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Primary
CWE-352

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	superset	≤ 1.5.2	Yes
Application	apache	superset	2.0.0	Yes
Application	apache	superset	2.0.0	Yes
Application	apache	superset	2.0.0	Yes

References

https://lists.apache.org/thread/xc309h2dphrkg33154djf3nqlh2xc1c0 Mailing List, Vendor Advisory ([email protected])
https://lists.apache.org/thread/xc309h2dphrkg33154djf3nqlh2xc1c0 Mailing List, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)