CVE-2022-4130

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-4130
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4130.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-4130
Downstream
Published
2022-12-16T16:15:25.173Z
Modified
2026-03-11T00:26:03.553592Z
Severity
  • 4.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.

References

Affected packages

Git /

Affected ranges

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4130.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.9"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.10"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.11"
            }
        ]
    }
]