CVE-2022-25018

Published: 1 March 2022

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.

Priority

CVSS 3 base score: 8.8

Status

Package	Release	Status
pluxml Launchpad, Ubuntu, Debian	bionic	Needs triage
	focal	Needs triage
	impish	Ignored (reached end-of-life)
	jammy	Needs triage
	trusty	Ignored (out of standard support)
	upstream	Needs triage
	xenial	Ignored (out of standard support)

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.