diff --git a/2022/0xxx/CVE-2022-0778.json b/2022/0xxx/CVE-2022-0778.json index 280db16b089..9a1f85f4b19 100644 --- a/2022/0xxx/CVE-2022-0778.json +++ b/2022/0xxx/CVE-2022-0778.json @@ -132,6 +132,11 @@ "refsource": "CONFIRM", "name": "https://www.tenable.com/security/tns-2022-07", "url": "https://www.tenable.com/security/tns-2022-07" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-9e88b5d8d7", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/" } ] } diff --git a/2022/0xxx/CVE-2022-0865.json b/2022/0xxx/CVE-2022-0865.json index 3e1ae63c9f3..04ade1b06e6 100644 --- a/2022/0xxx/CVE-2022-0865.json +++ b/2022/0xxx/CVE-2022-0865.json @@ -68,6 +68,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-e2996202a0", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-c39720a0ed", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" } ] }, diff --git a/2022/0xxx/CVE-2022-0891.json b/2022/0xxx/CVE-2022-0891.json index 35635b9ca66..d2ccdd1b50a 100644 --- a/2022/0xxx/CVE-2022-0891.json +++ b/2022/0xxx/CVE-2022-0891.json @@ -73,6 +73,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-e2996202a0", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-c39720a0ed", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" } ] }, diff --git a/2022/0xxx/CVE-2022-0907.json b/2022/0xxx/CVE-2022-0907.json index 835a9c3caee..139026dc3fa 100644 --- a/2022/0xxx/CVE-2022-0907.json +++ b/2022/0xxx/CVE-2022-0907.json @@ -68,6 +68,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-e2996202a0", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-c39720a0ed", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" } ] }, diff --git a/2022/0xxx/CVE-2022-0908.json b/2022/0xxx/CVE-2022-0908.json index 0ca0ea9d2fb..98429551038 100644 --- a/2022/0xxx/CVE-2022-0908.json +++ b/2022/0xxx/CVE-2022-0908.json @@ -68,6 +68,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-e2996202a0", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-c39720a0ed", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" } ] }, diff --git a/2022/0xxx/CVE-2022-0909.json b/2022/0xxx/CVE-2022-0909.json index a65abe065af..579f7dff9c0 100644 --- a/2022/0xxx/CVE-2022-0909.json +++ b/2022/0xxx/CVE-2022-0909.json @@ -68,6 +68,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-e2996202a0", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-c39720a0ed", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" } ] }, diff --git a/2022/0xxx/CVE-2022-0924.json b/2022/0xxx/CVE-2022-0924.json index 3ff0415649c..88cb2b59877 100644 --- a/2022/0xxx/CVE-2022-0924.json +++ b/2022/0xxx/CVE-2022-0924.json @@ -68,6 +68,11 @@ "refsource": "FEDORA", "name": "FEDORA-2022-e2996202a0", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2022-c39720a0ed", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/" } ] }, diff --git a/2022/28xxx/CVE-2022-28368.json b/2022/28xxx/CVE-2022-28368.json new file mode 100644 index 00000000000..7c458d196f3 --- /dev/null +++ b/2022/28xxx/CVE-2022-28368.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2022-28368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://snyk.io/blog/security-alert-php-pdf-library-dompdf-rce/", + "refsource": "MISC", + "name": "https://snyk.io/blog/security-alert-php-pdf-library-dompdf-rce/" + }, + { + "url": "https://github.com/snyk-labs/php-goof", + "refsource": "MISC", + "name": "https://github.com/snyk-labs/php-goof" + }, + { + "url": "https://packagist.org/packages/dompdf/dompdf#v1.2.1", + "refsource": "MISC", + "name": "https://packagist.org/packages/dompdf/dompdf#v1.2.1" + } + ] + } +} \ No newline at end of file