mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
98 lines
4.0 KiB
JSON
98 lines
4.0 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2022-4588",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability, which was classified as problematic, was found in Boston Sleep slice up to 84.1.x. Affected is an unknown function of the component Layout Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 84.2.0 is able to address this issue. The name of the patch is 6523bb17d889e2ab13d767f38afefdb37083f1d0. It is recommended to upgrade the affected component. VDB-216174 is the identifier assigned to this vulnerability."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Es wurde eine Schwachstelle in Boston Sleep slice bis 84.1.x gefunden. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Komponente Layout Handler. Mit der Manipulation mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Ein Aktualisieren auf die Version 84.2.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 6523bb17d889e2ab13d767f38afefdb37083f1d0 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-79 Cross Site Scripting",
|
|
"cweId": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Boston Sleep",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "slice",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "84.0",
|
|
"version_affected": "="
|
|
},
|
|
{
|
|
"version_value": "84.1",
|
|
"version_affected": "="
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://github.com/sleepepi/slice/commit/6523bb17d889e2ab13d767f38afefdb37083f1d0",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/sleepepi/slice/commit/6523bb17d889e2ab13d767f38afefdb37083f1d0"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?id.216174",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.216174"
|
|
},
|
|
{
|
|
"url": "https://github.com/sleepepi/slice/releases/tag/v84.2.0",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/sleepepi/slice/releases/tag/v84.2.0"
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 2.4,
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 2.4,
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "LOW"
|
|
}
|
|
]
|
|
}
|
|
} |