[Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2022-21831
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 27 20:56:09 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b871cf4f by Salvatore Bonaccorso at 2022-05-27T21:34:33+02:00
Reference upstream commits for CVE-2022-21831
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33361,7 +33361,9 @@ CVE-2022-21832
CVE-2022-21831 (A code injection vulnerability exists in the Active Storage >= v5.2 ...)
- rails <unfixed> (bug #1011940)
NOTE: https://github.com/advisories/GHSA-w749-p3v6-hccq
- NOTE: https://github.com/rails/rails/commit/b0b5eaf477c907819ead1808d09bfaae3eb4cc54 (6-1-stable)
+ NOTE: https://github.com/rails/rails/commit/b0b5eaf477c907819ead1808d09bfaae3eb4cc54 (v6.1.4.7)
+ NOTE: https://github.com/rails/rails/commit/92f64fec3136baabbebac97073c5213ea055dc53 (v6.0.4.7)
+ NOTE: https://github.com/rails/rails/commit/94e2f00d2abedbea1ef62fc775d031ffda00662c (v5.2.6.3)
CVE-2022-21830 (A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 ...)
NOT-FOR-US: Rocket.Chat.Livechat
CVE-2022-21829
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b871cf4fa9f53620fa8ba5c4d3ce5356fb18c10e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b871cf4fa9f53620fa8ba5c4d3ce5356fb18c10e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220527/df21e3bc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list