Search CVE reports
1 – 3 of 3 results
CVE-2022-2589
Medium priorityCross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.3.
1 affected packages
fava
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
fava | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
CVE-2022-2523
Medium priorityCross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.2.
1 affected packages
fava
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
fava | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
CVE-2022-2514
Medium priorityThe time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim.
1 affected packages
fava
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
fava | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |