Open mend-for-github-com[bot] opened 2 years ago
Cybersecurity Evaluation Tool
Library home page: https://github.com/cisagov/cset.git
Found in base branch: master
/CSETWebApi/CSETWeb_Api/CSETWeb_Api/Diagram/src/main/java/com/mxgraph/online/ProxyServlet.java
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7.
Publish Date: 2022-05-18
URL: CVE-2022-1774
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1774
Release Date: 2022-05-18
Fix Resolution: v18.0.7
CVE-2022-1774 - Medium Severity Vulnerability
Cybersecurity Evaluation Tool
Library home page: https://github.com/cisagov/cset.git
Found in base branch: master
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7.
Publish Date: 2022-05-18
URL: CVE-2022-1774
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1774
Release Date: 2022-05-18
Fix Resolution: v18.0.7