Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2022-2589

Medium priority
Needs evaluation

Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.3.

1 affected packages

fava

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fava Not in release Needs evaluation Needs evaluation Not in release Not in release
Show less packages

CVE-2022-2523

Medium priority
Needs evaluation

Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.2.

1 affected packages

fava

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fava Not in release Needs evaluation Needs evaluation Not in release Not in release
Show less packages

CVE-2022-2514

Medium priority
Needs evaluation

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim.

1 affected packages

fava

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fava Not in release Needs evaluation Needs evaluation Not in release Not in release
Show less packages