[Git][security-tracker-team/security-tracker][master] Add CVE-2022-23614/php-twig
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 8 20:51:51 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
42931d2e by Salvatore Bonaccorso at 2022-02-08T21:51:21+01:00
Add CVE-2022-23614/php-twig
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3501,7 +3501,10 @@ CVE-2022-23616
CVE-2022-23615
RESERVED
CVE-2022-23614 (Twig is an open source template language for PHP. When in a sandbox mo ...)
- TODO: check
+ - php-twig 3.3.8-1
+ NOTE: https://github.com/twigphp/Twig/security/advisories/GHSA-5mv2-rx3q-4w2v
+ NOTE: https://github.com/twigphp/Twig/pull/3641
+ NOTE: https://github.com/twigphp/Twig/commit/2eb33080558611201b55079d07ac88f207b466d5 (v3.3.8)
CVE-2022-23613 (xrdp is an open source remote desktop protocol (RDP) server. In affect ...)
- xrdp <unfixed>
[bullseye] - xrdp <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42931d2e0ae954d7bbae2ce370a23ba23a7d2bbb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42931d2e0ae954d7bbae2ce370a23ba23a7d2bbb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220208/0aafeb4a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list