CVE-2022-4642

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-4642

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4642.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-4642

Published

2022-12-21T22:15:08.907Z

Modified

2026-02-12T07:43:56.711199Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was found in tatoeba2. It has been classified as problematic. This affects an unknown part of the component Profile Name Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version prod_2022-10-30 is able to address this issue. The name of the patch is 91110777fc8ddf1b4a2cf4e66e67db69b9700361. It is recommended to upgrade the affected component. The identifier VDB-216501 was assigned to this vulnerability.

References

Affected packages

Git / github.com/tatoeba/tatoeba2

Affected ranges

Type: GIT
Repo: https://github.com/tatoeba/tatoeba2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

18175125d0e7ddc7766eb91138e758804791b84d

Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

91110777fc8ddf1b4a2cf4e66e67db69b9700361

Affected versions

Other

list

prod_2020-02-09

prod_2020-02-14

prod_2020-02-16

prod_2020-02-23

prod_2020-03-02

prod_2020-03-08

prod_2020-03-16

prod_2020-03-23

prod_2020-03-30

prod_2020-04-05

prod_2020-04-12

prod_2020-04-19

prod_2020-04-26

prod_2020-05-04

prod_2020-05-10

prod_2020-05-17

prod_2020-05-25

prod_2020-06-01

prod_2020-06-08

prod_2020-06-15

prod_2020-06-22

prod_2020-06-29

prod_2020-07-06

prod_2020-07-06_2

prod_2020-07-13

prod_2020-07-20

prod_2020-07-20_2

prod_2020-07-26

prod_2020-08-03

prod_2020-08-09

prod_2020-08-16

prod_2020-08-23

prod_2020-08-30

prod_2020-08-30_2

prod_2020-09-06

prod_2020-09-06_2

prod_2020-09-14

prod_2020-09-20

prod_2020-09-20_2

prod_2020-09-27

prod_2020-10-04

prod_2020-10-11

prod_2020-10-18

prod_2020-10-25

prod_2020-11-15

prod_2020-11-22

prod_2020-12-13

prod_2020-12-20

prod_2021-01-03

prod_2021-01-10

prod_2021-01-17

prod_2021-02-07

prod_2021-02-28

prod_2021-03-08

prod_2021-03-21

prod_2021-03-28

prod_2021-04-11

prod_2021-04-18

prod_2021-05-09

prod_2021-05-17

prod_2021-06-15

prod_2021-07-17

prod_2021-08-07

prod_2021-08-22

prod_2021-09-11

prod_2021-10-02

prod_2021-10-17

prod_2021-10-24

prod_2021-12-12

prod_2022-02-20

prod_2022-03-20

prod_2022-04-03

prod_2022-04-17

prod_2022-04-24

prod_2022-05-01

prod_2022-05-08

prod_2022-05-22

prod_2022-05-29

prod_2022-06-22

prod_2022-08-14

prod_2022-09-11

prod_2022-10-23

prod_2020-05-17.*

prod_2020-05-17.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4642.json"