Pull request: cve-id
Merge in DNS/adguard-home from cve-id to master Squashed commit of the following: commit 5a5418db1992e49402a44a3c1cf9cffc132c8074 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Tue Oct 18 17:28:49 2022 +0300 all: upd cve id
This commit is contained in:
Ainar Garipov
@@ -122,9 +122,9 @@ See also the [v0.107.14 GitHub milestone][ms-v0.107.14].
|
|||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. The CVE
|
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered. We thank
|
||||||
number is to be assigned. We thank Daniel Elkabes from Mend.io for reporting
|
Daniel Elkabes from Mend.io for reporting this vulnerability to us. This is
|
||||||
this vulnerability to us.
|
[CVE-2022-32175].
|
||||||
|
|
||||||
#### `SameSite` Policy
|
#### `SameSite` Policy
|
||||||
|
|
||||||
@@ -173,6 +173,7 @@ All JSON APIs that expect a body now check if the request actually has
|
|||||||
[#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
|
[#4927]: https://github.com/AdguardTeam/AdGuardHome/issues/4927
|
||||||
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
|
[#4930]: https://github.com/AdguardTeam/AdGuardHome/issues/4930
|
||||||
|
|
||||||
|
[CVE-2022-32175]: https://www.cvedetails.com/cve/CVE-2022-32175
|
||||||
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1
|
[ms-v0.107.14]: https://github.com/AdguardTeam/AdGuardHome/milestone/50?closed=1
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user