[Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2022-25020/pluxml

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 2 06:04:25 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8808e2b by Salvatore Bonaccorso at 2022-03-02T07:03:53+01:00
Add CVE-2022-25020/pluxml

- - - - -
12a88af9 by Salvatore Bonaccorso at 2022-03-02T07:03:53+01:00
Add CVE-2022-25018/pluxml

- - - - -
a094181e by Salvatore Bonaccorso at 2022-03-02T07:03:53+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3315,21 +3315,25 @@ CVE-2022-25022 (A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allow
 CVE-2022-25021
 	RESERVED
 CVE-2022-25020 (A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows att ...)
-	TODO: check
+	- pluxml <undetermined>
+	NOTE: https://github.com/MoritzHuppert/CVE-2022-25020/blob/main/CVE-2022-25020.pdf
+	TODO: check if reported upstream
 CVE-2022-25019
 	REJECTED
 CVE-2022-25018 (Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary c ...)
-	TODO: check
+	- pluxml <undetermined>
+	NOTE: https://github.com/MoritzHuppert/CVE-2022-25018/blob/main/CVE-2022-25018.pdf
+	TODO: check if reported upstream
 CVE-2022-25017
 	RESERVED
 CVE-2022-25016
 	RESERVED
 CVE-2022-25015 (A stored cross-site scripting (XSS) vulnerability in Ice Hrm 30.0.0.OS ...)
-	TODO: check
+	NOT-FOR-US: Ice Hrm
 CVE-2022-25014 (Ice Hrm 30.0.0.OS was discovered to contain a reflected cross-site scr ...)
-	TODO: check
+	NOT-FOR-US: Ice Hrm
 CVE-2022-25013 (Ice Hrm 30.0.0.OS was discovered to contain multiple reflected cross-s ...)
-	TODO: check
+	NOT-FOR-US: Ice Hrm
 CVE-2022-25012
 	RESERVED
 CVE-2022-25011
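
Review bot: The two pluxml entries (CVE-2022-25020 and CVE-2022-25018) stay at `<undetermined>` with only a NOTE pointing at a PDF in the reporter's GitHub repository, so nothing in the entry records which pluxml versions are affected or whether a fix exists. Keeping `TODO: check if reported upstream` is right, since it leaves both in the work queue. Once that check is done, add a NOTE with the upstream issue or fixing commit and replace `<undetermined>` with a fixed version or `<unfixed>`. CVE-2022-25018 is described as allowing arbitrary code execution, so it is the one to resolve first. The three Ice Hrm entries are marked NOT-FOR-US consistently.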



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4d44a5c5d44e6962b2c427f25c30518d10aa43cb...a094181e633d59381eb7f0cdb199c9a31a44c2d1
