Lucene search

Gentoo FoundationMGASA-2023-0022

HistoryJan 24, 2023 - 10:58 a.m.

Updated phoronix-test-suite packages fix security vulnerability

2023-01-2410:58:25

Gentoo Foundation

advisories.mageia.org

phoronix-test-suite

packages

xss

vulnerability

phoromatic_r_add_test_details.php

cve-2022-40704

unix

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

30.6%

JSON

XSS in phoromatic_r_add_test_details.php (CVE-2022-40704)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchphoronix-test-suite< 10.8.2-1.1phoronix-test-suite-10.8.2-1.1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	phoronix-test-suite	< 10.8.2-1.1	phoronix-test-suite-10.8.2-1.1.mga8

References

bugs.mageia.org/show_bug.cgi?id=31423

lists.fedoraproject.org/archives/list/[email protected]/thread/ETFF53AECMDP6PTNUVVCOODN3HMOETUU/

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

30.6%

JSON

Related for MGASA-2023-0022