Approved changes feed: RSS · Atom
cpe:2.3:a:opensuse:paste:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Opensuse (3380e48e-e718-5685-8ad0-092ef58910e5) |
|---|---|
| Product | Paste (3e9c1882-fafe-5408-8d07-f2f7ebbe15f3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/opensuse/paste |
purl2cpe | 2026-06-01 10:15:36.613244 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-21948 |
vulnerable | 2026-06-03 14:46:14.596488 |
paste: XSS on the image upload function
MEDIUM (4.3)
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in paste allows remote attackers to place Javascript into SVG files. This issue affects: openSUSE paste paste version b57b9f87e303a3db9465776e657378e96845493b and prior versions.
Published: 2023-02-07T00:00:00.000Z
Updated: 2025-03-25T17:34:02.566Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.