Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af2bbd77 by Moritz Muehlenhoff at 2022-07-24T22:49:00+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14938,9 +14938,9 @@ CVE-2022-30780 (Lighttpd 1.4.56 through 1.4.58 allows a
remote attacker to cause
NOTE: https://redmine.lighttpd.net/issues/3059
NOTE: Fixed by:
https://github.com/lighttpd/lighttpd1.4/commit/b03b86f47b0d5a553137f081fadc482b4af1372d
(lighttpd-1.4.59)
CVE-2022-30779 (Laravel 9.1.8, when processing attacker-controlled data for
deserializ ...)
- TODO: check, issue seems to be in src:guzzle, check details
+ NOT-FOR-US: Disputed Laravel issue
CVE-2022-30778 (Laravel 9.1.8, when processing attacker-controlled data for
deserializ ...)
- TODO: check
+ NOT-FOR-US: Disputed Laravel issue
CVE-2022-30777 (Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php
from param ...)
NOT-FOR-US: Parallels H-Sphere
CVE-2022-30776 (atmail 6.5.0 allows XSS via the index.php/admin/index/ error
parameter ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af2bbd77dc4336932a3bccd7b6a7a92eae2e5b3f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af2bbd77dc4336932a3bccd7b6a7a92eae2e5b3f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
