diff options
author | Neil Williams <codehelp@debian.org> | 2022-05-18 11:18:14 +0100 |
---|---|---|
committer | Neil Williams <codehelp@debian.org> | 2022-05-18 11:18:14 +0100 |
commit | 836192817653bc698e0fd1f1e607a36c28d17f85 (patch) | |
tree | 23d47d18374a8227dd5bd54d52794cd90b7ff693 | |
parent | eec7d4817f651239cdeb09d137931d42ecbccc90 (diff) |
CVE-2022-1379/plantuml not-affected, vulnerable code introduced in 1.2020.11
-rw-r--r-- | data/CVE/list | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 04e4b8bf86..90f122f389 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -4809,7 +4809,10 @@ CVE-2022-29267 CVE-2022-1380 (Stored Cross Site Scripting vulnerability in Item name parameter in Gi ...) - snipe-it <itp> (bug #1005172) CVE-2022-1379 (URL Restriction Bypass in GitHub repository plantuml/plantuml prior to ...) - TODO: check + - plantuml <not-affected> (Vulnerable code introduced later) + NOTE: https://huntr.dev/bounties/0d737527-86e1-41d1-9d37-b2de36bc063a + NOTE: https://github.com/plantuml/plantuml/commit/93e5964e5f35914f3f7b89de620c596795550083 (v1.2022.5) + NOTE: Introduced in https://github.com/plantuml/plantuml/commit/3192fa218c2ad0420d03de70f57f8521e1de315d (v1.2020.11) CVE-2022-29266 (In APache APISIX before 3.13.1, the jwt-auth plugin has a security iss ...) NOT-FOR-US: Apache APISIX CVE-2022-1378 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a ...) |