website: link CVE and attribute reporter

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-12-25 14:17:17 +01:00
parent 0423023d2e
commit 7046944bf6
No known key found for this signature in database
5 changed files with 12 additions and 6 deletions

View file

@ -3804,7 +3804,7 @@ Changed response : **200 OK**
## Fixed in 2022.10.2
- \*: fix CVE-2022-46145
- \*: fix [CVE-2022-46145](../security/CVE-2022-46145), Reported by [@sdimovv](https://github.com/sdimovv)
## Fixed in 2022.10.3
@ -3812,8 +3812,8 @@ Changed response : **200 OK**
## Fixed in 2022.10.4
- \*: fix CVE-2022-46172
- \*: fix CVE-2022-23555
- \*: fix [CVE-2022-46172](../security/CVE-2022-46172), Reported by [@DreamingRaven](https://github.com/DreamingRaven)
- \*: fix [CVE-2022-23555](../security/CVE-2022-23555), Reported by [@fuomag9](https://github.com/fuomag9)
## Upgrading

View file

@ -73,7 +73,7 @@ image:
## Fixed in 2022.11.2
- \*: fix CVE-2022-46145
- \*: fix [CVE-2022-46145](../security/CVE-2022-46145), Reported by [@sdimovv](https://github.com/sdimovv)
## Fixed in 2022.11.3
@ -81,8 +81,8 @@ image:
## Fixed in 2022.11.4
- \*: fix CVE-2022-46172
- \*: fix CVE-2022-23555
- \*: fix [CVE-2022-46172](../security/CVE-2022-46172), Reported by [@DreamingRaven](https://github.com/DreamingRaven)
- \*: fix [CVE-2022-23555](../security/CVE-2022-23555), Reported by [@fuomag9](https://github.com/fuomag9)
## API Changes

View file

@ -1,5 +1,7 @@
# CVE-2022-23555
_Reported by [@fuomag9](https://github.com/fuomag9)_
## Token reuse in invitation URLs leads to access control bypass via the use of a different enrollment flow
### Summary

View file

@ -1,5 +1,7 @@
# CVE-2022-46145
_Reported by [@sdimovv](https://github.com/sdimovv)_
## Unauthorized user creation and potential account takeover
### Impact

View file

@ -1,5 +1,7 @@
# CVE-2022-46172
_Reported by [@DreamingRaven](https://github.com/DreamingRaven)_
## Existing Authenticated Users can Create Arbitrary Accounts
### Summary