CVE-2022-4730

Опубликовано: 27 дек. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 3.5

Описание

A vulnerability was found in Graphite Web. It has been classified as problematic. Affected is an unknown function of the component Absolute Time Range Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216744.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	released	1.0.2+debian-2ubuntu0.1~esm1
esm-apps/focal	released	1.1.4-5ubuntu0.1
esm-apps/jammy	released	1.1.8-1ubuntu0.22.04.1
esm-apps/noble	needs-triage
esm-apps/xenial	released	0.9.15+debian-1ubuntu0.1~esm1
esm-infra-legacy/trusty	released	0.9.12+debian-3ubuntu0.1~esm2
focal	released	1.1.4-5ubuntu0.1
jammy	released	1.1.8-1ubuntu0.22.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 62%

0.00433

Низкий

3.5 Low

CVSS3

Связанные уязвимости

CVE-2022-4730

CVSS3: 5.4

redhat

около 3 лет назад

CVE-2022-4730

CVSS3: 3.5

nvd

около 3 лет назад

CVE-2022-4730

CVSS3: 3.5

debian

около 3 лет назад

A vulnerability was found in Graphite Web. It has been classified as p ...

GHSA-m973-4vpc-x43c

CVSS3: 5.4

github

около 3 лет назад

Graphite Web Cross-site Scripting vulnerability

EPSS

Процентиль: 62%

0.00433

Низкий

3.5 Low

CVSS3

CVE-2022-4730

Описание

Пакет graphite-web

Ссылки на источники

Связанные уязвимости