[Git][security-tracker-team/security-tracker][master] Add references for two batik issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 2 07:33:36 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92e47c85 by Salvatore Bonaccorso at 2022-11-02T08:32:16+01:00
Add references for two batik issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12738,6 +12738,7 @@ CVE-2022-40146 (Server-Side Request Forgery (SSRF) vulnerability in Batik of Apa
NOTE: https://www.openwall.com/lists/oss-security/2022/09/22/3
NOTE: https://issues.apache.org/jira/browse/BATIK-1335
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1903910
+ NOTE: https://www.zerodayinitiative.com/blog/2022/10/28/vulnerabilities-in-apache-batik-default-security-controls-ssrf-and-rce-through-remote-class-loading
CVE-2022-40145
RESERVED
CVE-2022-3155
@@ -17332,6 +17333,7 @@ CVE-2022-38398 (Server-Side Request Forgery (SSRF) vulnerability in Batik of Apa
NOTE: https://www.openwall.com/lists/oss-security/2022/09/22/2
NOTE: https://issues.apache.org/jira/browse/BATIK-1331
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1903462
+ NOTE: https://www.zerodayinitiative.com/blog/2022/10/28/vulnerabilities-in-apache-batik-default-security-controls-ssrf-and-rce-through-remote-class-loading
CVE-2022-38397
RESERVED
CVE-2022-2891 (The WP 2FA WordPress plugin before 2.3.0 uses comparison operators tha ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92e47c85499461e3410fd777968e04e876767233
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92e47c85499461e3410fd777968e04e876767233
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221102/061681e1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list