cbcvebase.
CVE-2022-27479
published 2022-04-13

CVE-2022-27479: Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue.

Affected

2 ranges
VendorProductVersion rangeFixed in
apachesuperset< 1.4.21.4.2
apache_software_foundationapache_superset>= unspecified < 1.4.21.4.2