[Git][security-tracker-team/security-tracker][master] CVE-2022-40626/zabbix not affecting buster.
Tobias Frost (@tobi)
tobi at debian.org
Mon Apr 10 16:31:14 BST 2023
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
53539005 by Tobias Frost at 2023-04-10T17:30:54+02:00
CVE-2022-40626/zabbix not affecting buster.
very likely introduced by commit https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/e4000620f1f427cc8df02914125b3b985ad797dc
resp. https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/56d8343c34c83ac727ab6250c7eb9e6d682b5b1c
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49588,6 +49588,7 @@ CVE-2022-40627
CVE-2022-40626 (An unauthenticated user can create a link with reflected Javascript co ...)
- zabbix 1:6.0.7+dfsg-2
[bullseye] - zabbix <no-dsa> (Minor issue)
+ [buster] - zabbix <not-affected> (Vulnerable backurl code introduced later.)
NOTE: https://support.zabbix.com/browse/ZBX-21350
NOTE: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/55eb14d0a394b362d5df00ed9e06a3918472deec (6.0.7rc1)
CVE-2022-40625
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53539005239807d20f85af5827efdead4699a3e5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53539005239807d20f85af5827efdead4699a3e5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230410/bb7f1a4d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list