Open mend-for-github-com[bot] opened 2 years ago
Cybersecurity Evaluation Tool
Library home page: https://github.com/cisagov/cset.git
Found in HEAD commit: 98a19fb8f04cb443d883714b84f3c1e38ab2e21b
Found in base branch: master
/CSETWebApi/CSETWeb_Api/CSETWeb_Api/Diagram/src/main/java/com/mxgraph/online/ProxyServlet.java
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7.
Publish Date: 2022-05-18
URL: CVE-2022-1767
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1767
Release Date: 2022-05-18
Fix Resolution: v18.0.7
CVE-2022-1767 - High Severity Vulnerability
Cybersecurity Evaluation Tool
Library home page: https://github.com/cisagov/cset.git
Found in HEAD commit: 98a19fb8f04cb443d883714b84f3c1e38ab2e21b
Found in base branch: master
Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7.
Publish Date: 2022-05-18
URL: CVE-2022-1767
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1767
Release Date: 2022-05-18
Fix Resolution: v18.0.7