Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-5482-1
HistoryJun 16, 2022 - 4:22 p.m.

spip vulnerabilities

2022-06-1616:22:11
Google
osv.dev
5

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.1%

JSON

It was discovered that SPIP incorrectly validated inputs. An authenticated
attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 18.04 LTS. (CVE-2020-28984)

Charles Fol and Théo Gordyjan discovered that SPIP is vulnerable to Cross
Site Scripting (XSS). If a user were tricked into browsing a malicious SVG
file, an attacker could possibly exploit this issue to execute arbitrary
code. This issue was only fixed in Ubuntu 21.10. (CVE-2021-44118,
CVE-2021-44120, CVE-2021-44122, CVE-2021-44123)

It was discovered that SPIP incorrectly handled certain forms. A remote
authenticated editor could possibly use this issue to execute arbitrary code,
and a remote unauthenticated attacker could possibly use this issue to obtain
sensitive information. (CVE-2022-26846, CVE-2022-26847)

Related

ubuntu 2
openvas 10
osv 14
nessus 5
debian 4
prion 7
cvelist 7
cve 7
nvd 7
veracode 7
debiancve 7
cnvd 5
ubuntucve 7
ubuntu
ubuntu
SPIP vulnerabilities
2023-03-02 00:00:00
SPIP vulnerabilities
2022-06-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5482-2)
2023-03-03 00:00:00
Ubuntu: Security Advisory (USN-5482-1)
2022-06-17 00:00:00
Debian: Security Advisory (DLA-2867-1)
2021-12-30 00:00:00
osv
osv
spip vulnerabilities
2023-03-02 10:15:19
spip - security update
2021-12-22 00:00:00
spip - security update
2021-12-29 00:00:00
nessus
nessus
Ubuntu 18.04 LTS : SPIP vulnerabilities (USN-5482-1)
2022-06-17 00:00:00
Ubuntu 20.04 LTS : SPIP vulnerabilities (USN-5482-2)
2023-03-02 00:00:00
Debian DLA-2949-1 : spip - LTS security update
2022-03-15 00:00:00
debian
debian
[SECURITY] [DLA 2949-1] spip security update
2022-03-15 10:55:21
[SECURITY] [DSA 4798-1] spip security update
2020-11-25 07:56:28
[SECURITY] [DLA 2505-1] spip security update
2020-12-23 18:05:27
prion
prion
Cross site scripting
2022-01-26 12:15:00
Design/Logic Flaw
2022-01-26 12:15:00
Code injection
2020-11-23 22:15:00
cvelist
cvelist
CVE-2021-44122
2022-01-26 11:47:55
CVE-2020-28984
2020-11-23 21:48:53
CVE-2021-44123
2022-01-26 11:57:30
cve
cve
CVE-2020-28984
2020-11-23 22:15:12
CVE-2021-44120
2022-01-26 12:15:07
CVE-2021-44122
2022-01-26 12:15:07
nvd
nvd
CVE-2021-44123
2022-01-26 12:15:07
CVE-2020-28984
2020-11-23 22:15:12
CVE-2021-44118
2022-01-26 12:15:07
veracode
veracode
Remote Code Execution (RCE)
2022-02-07 22:32:43
Improper Validation
2020-12-06 03:49:31
Cross-site Request Forgery (CSRF)
2022-02-07 22:32:45
debiancve
debiancve
CVE-2021-44123
2022-01-26 12:15:07
CVE-2021-44118
2022-01-26 12:15:07
CVE-2021-44122
2022-01-26 12:15:07
cnvd
cnvd
SPIP Cross-site Request Forgery Vulnerability (CNVD-2022-08190)
2022-01-28 00:00:00
SPIP SVG Cross-Site Scripting Vulnerability
2022-01-28 00:00:00
SPIP Information Disclosure Vulnerability (CNVD-2022-21820)
2022-03-14 00:00:00
ubuntucve
ubuntucve
CVE-2021-44120
2022-01-26 00:00:00
CVE-2021-44122
2022-01-26 00:00:00
CVE-2021-44123
2022-01-26 00:00:00

7.4 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.1%

JSON
Related for OSV:USN-5482-1
ubuntu2openvas10osv14nessus5debian4prion7cvelist7cve7nvd7veracode7debiancve7cnvd5ubuntucve7