You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by zr...@apache.org on 2022/02/05 00:25:19 UTC
[trafficcontrol-website] branch asf-site updated: CVE-2022-23206
This is an automated email from the ASF dual-hosted git repository.
zrhoffman pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/trafficcontrol-website.git
The following commit(s) were added to refs/heads/asf-site by this push:
new 06ce1a6 CVE-2022-23206
06ce1a6 is described below
commit 06ce1a69e4680fbd2fd3dfeb2b16ccf6989a9cd4
Author: Zach Hoffman <zr...@apache.org>
AuthorDate: Fri Feb 4 17:22:59 2022 -0700
CVE-2022-23206
---
security/index.html | 1 +
1 file changed, 1 insertion(+)
diff --git a/security/index.html b/security/index.html
index dd5b33c..0fd96bd 100644
--- a/security/index.html
+++ b/security/index.html
@@ -103,6 +103,7 @@
<div class="card-body">
<h4 class="card-title">Past Vulnerabilities</h4>
<ul>
+ <li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23206">Apache Traffic Control: Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth</a></li>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43350">CVE-2021-43350: Apache Traffic
Control: LDAP filter injection vulnerability in Traffic Ops</a></li>
<li><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42009">CVE-2021-42009: Apache Traffic