CVE-2022-4728

Опубликовано: 27 дек. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 3.5

Описание

A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	released	1.0.2+debian-2ubuntu0.1~esm1
esm-apps/focal	released	1.1.4-5ubuntu0.1
esm-apps/jammy	released	1.1.8-1ubuntu0.22.04.1
esm-apps/noble	needs-triage
esm-apps/xenial	released	0.9.15+debian-1ubuntu0.1~esm1
esm-infra-legacy/trusty	released	0.9.12+debian-3ubuntu0.1~esm2
focal	released	1.1.4-5ubuntu0.1
jammy	released	1.1.8-1ubuntu0.22.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 63%

0.00445

Низкий

3.5 Low

CVSS3

Связанные уязвимости

CVE-2022-4728

CVSS3: 5.4

redhat

около 3 лет назад

CVE-2022-4728

CVSS3: 3.5

nvd

около 3 лет назад

CVE-2022-4728

CVSS3: 3.5

debian

около 3 лет назад

A vulnerability has been found in Graphite Web and classified as probl ...

GHSA-3c5x-4hvx-qrrr

CVSS3: 5.4

github

около 3 лет назад

Graphite Web Cross-site Scripting vulnerability

EPSS

Процентиль: 63%

0.00445

Низкий

3.5 Low

CVSS3

CVE-2022-4728

Описание

Пакет graphite-web

Ссылки на источники

Связанные уязвимости