CVE-2022-2073: Code injection in grav

June 30, 2022 (updated July 5, 2022)

Code Injection in GitHub repository getgrav/grav prior to 1.7.34.

References

github.com/advisories/GHSA-cxgw-r5jg-7xwq
github.com/getgrav/grav/commit/9d6a2dba09fd4e56f5cdfb9a399caea355bfeb83
huntr.dev/bounties/3ef640e6-9e25-4ecb-8ec1-64311d63fe66
nvd.nist.gov/vuln/detail/CVE-2022-2073

Detect and mitigate CVE-2022-2073 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →