PYSEC-2022-43167
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/selenium/PYSEC-2022-43167.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2022-43167
- Aliases
- Published
- 2022-04-19T03:15:00Z
- Modified
- 2024-11-22T21:12:10.893429Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.
- References
Affected packages
PyPI / selenium
Package
- Name
- selenium
- View open source insights on deps.dev
- Purl
- pkg:pypi/selenium
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.0
Affected versions
0.*
0.9.2
1.*
1.0.1
1.0.3
2.*
2.0-dev
2.0dev1
2.0dev2
2.0dev3
2.0dev4
2.0dev5
2.0dev6
2.0-dev-9138
2.0-dev-9212
2.0-dev-9231
2.0-dev-9284
2.0-dev-9306
2.0-dev-9307
2.0-dev-9310
2.0-dev-9338
2.0-dev-9340
2.0-dev-9341
2.0-dev-9429
2.0a5
2.0b2
2.0b3dev
2.0b3
2.0b4dev
2.0rc1
2.0rc2
2.0rc3
2.0.0
2.0.1
2.1.0
2.2.0
2.3.0
2.4.0
2.5.0
2.6.0
2.7.0
2.8.0
2.8.1
2.9.0
2.10.0
2.11.0
2.11.1
2.12.0
2.12.1
2.13.0
2.13.1
2.14.0
2.15.0
2.16.0
2.17.0
2.18.1
2.19.0
2.19.1
2.20.0
2.21.0
2.21.1
2.21.2
2.21.3
2.22.0
2.22.1
2.23.0
2.24.0
2.25.0
2.26.0
2.27.0
2.28.0
2.29.0
2.30.0
2.31.0
2.32.0
2.33.0
2.34.0
2.35.0
2.36.0
2.37.0
2.37.1
2.37.2
2.38.0
2.38.1
2.38.2
2.38.3
2.38.4
2.39.0
2.40.0
2.41.0
2.42.0
2.42.1
2.43.0
2.44.0
2.45.0
2.46.0
2.46.1
2.47.0
2.47.1
2.47.2
2.47.3
2.48.0
2.49.0
2.49.1
2.49.2
2.50.0
2.50.1
2.51.0
2.51.1
2.52.0
2.53.0
2.53.1
2.53.2
2.53.3
2.53.4
2.53.5
2.53.6
3.*
3.0.0b1
3.0.0b2
3.0.0b3
3.0.0
3.0.1
3.0.2
3.3.0
3.3.1
3.3.2
3.3.3
3.4.0
3.4.1
3.4.2
3.4.3
3.5.0
3.6.0
3.7.0
3.8.0
3.8.1
3.9.0
3.10.0
3.11.0
3.12.0
3.13.0
3.14.0
3.14.1
3.141.0
4.*
4.0.0a1
4.0.0a3
4.0.0a5
4.0.0a6
4.0.0a6.post1
4.0.0a6.post2
4.0.0.a7
4.0.0.b1
4.0.0.b2
4.0.0.b2.post1
4.0.0.b3
4.0.0.b4
4.0.0.rc1
4.0.0rc2
4.0.0rc3