VDB
GCVE-110-MAGEIA-2022-104
GCVE-110-MAGEIA-2022-104
Advisory Published
The {% debug %} template tag didn't properly encode the current context
posing an XSS attack vector (CVE-2022-22818).
Passing certain inputs to multipart forms could result in an infinite loop
when parsing files resulting in a denial of service (CVE-2022-23833).
The python-django update necessitated a version update to python-asgiref
as well.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python-asgiref | 0 (affected), 3.5.0-1.mga8 (unaffected), 0 (affected), 3.5.0-1.mga8 (unaffected) | — |
| Mageia | opencpn-statusbar-plugin | 0 (affected), 0.8.22-1.mga8 (unaffected) | — |
| Mageia | opencpn | 0 (affected), 5.6.2-4.mga8 (unaffected) | — |
| Mageia | opencpn-logbookkonni-plugin | 0 (affected), 1.4.28-1.mga8 (unaffected) | — |
| Mageia | opencpn-ais-radar-plugin | 0 (affected), 1.2.23.0-1.mga8 (unaffected) | — |
| Mageia | opencpn-celestial-navigation-plugin | 0 (affected), 2.3.15.0-1.mga8 (unaffected) | — |
| Mageia | opencpn-weather-routing-plugin | 0 (affected), 1.13.48.0-1.mga8 (unaffected) | — |
| Mageia | opencpn-weatherfax-plugin | 0 (affected), 1.9.40.0-2.mga8 (unaffected) | — |
| Mageia | opencpn-polar-plugin | 0 (affected), 1.1.29-1.mga8 (unaffected) | — |
| Mageia | opencpn-squiddio-plugin | 0 (affected), 1.3.21-1.mga8 (unaffected) | — |
| Mageia | opencpn-watchdog-plugin | 2.4.44-1.mga8 (unaffected), 0 (affected) | — |
| Mageia | python-django | 3.2.12-1.mga8 (unaffected), 0 (affected), 3.2.12-1.mga8 (unaffected), 0 (affected) | — |
| Mageia | opencpn-climatology-plugin | 1.4.46.0-1.mga8 (unaffected), 0 (affected) | — |
Aliases
References
Browse GCVE Records
72,148 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.