summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeil Williams <codehelp@debian.org>2022-05-18 11:18:14 +0100
committerNeil Williams <codehelp@debian.org>2022-05-18 11:18:14 +0100
commit836192817653bc698e0fd1f1e607a36c28d17f85 (patch)
tree23d47d18374a8227dd5bd54d52794cd90b7ff693
parenteec7d4817f651239cdeb09d137931d42ecbccc90 (diff)
CVE-2022-1379/plantuml not-affected, vulnerable code introduced in 1.2020.11
-rw-r--r--data/CVE/list5
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 04e4b8bf86..90f122f389 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4809,7 +4809,10 @@ CVE-2022-29267
CVE-2022-1380 (Stored Cross Site Scripting vulnerability in Item name parameter in Gi ...)
- snipe-it <itp> (bug #1005172)
CVE-2022-1379 (URL Restriction Bypass in GitHub repository plantuml/plantuml prior to ...)
- TODO: check
+ - plantuml <not-affected> (Vulnerable code introduced later)
+ NOTE: https://huntr.dev/bounties/0d737527-86e1-41d1-9d37-b2de36bc063a
+ NOTE: https://github.com/plantuml/plantuml/commit/93e5964e5f35914f3f7b89de620c596795550083 (v1.2022.5)
+ NOTE: Introduced in https://github.com/plantuml/plantuml/commit/3192fa218c2ad0420d03de70f57f8521e1de315d (v1.2020.11)
CVE-2022-29266 (In APache APISIX before 3.13.1, the jwt-auth plugin has a security iss ...)
NOT-FOR-US: Apache APISIX
CVE-2022-1378 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy