admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add CVE-2022-41932 for GHSA-4x5r-6v26-7j4v

Browse Source 
Add CVE-2022-41932 for GHSA-4x5r-6v26-7j4v
This commit is contained in:
advisory-database[bot] 2022-11-23 20:20:32 +00:00 committed by GitHub
parent 1ebfd90e73
commit 3960e2c08e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 82 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
2022/41xxx/CVE-2022-41932.json
View File

@ -1,18 +1,94 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-41932",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Creation of new database tables through login form on PostgreSQL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "xwiki-platform",
"version": {
"version_data": [
{
"version_value": "< 13.10.8"
},
{
"version_value": ">= 14.0.0, < 14.4.2"
},
{
"version_value": ">= 14.5.0, < 14.6-rc-1"
}
]
}
}
]
},
"vendor_name": "xwiki"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make XWiki create many new schemas and fill them with tables just by using a crafted user identifier in the login form. This may lead to degraded database performance. The problem has been patched in XWiki 13.10.8, 14.6RC1 and 14.4.2. Users are advised to upgrade. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4x5r-6v26-7j4v",
"refsource": "CONFIRM",
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4x5r-6v26-7j4v"
},
{
"name": "https://jira.xwiki.org/browse/XWIKI-19886",
"refsource": "MISC",
"url": "https://jira.xwiki.org/browse/XWIKI-19886"
}
]
},
"source": {
"advisory": "GHSA-4x5r-6v26-7j4v",
"discovery": "UNKNOWN"
}
}