1. Home
  2. Vulnerabilities
  3. CVE-2022-49355
0.0
NA
CVE-2022-49355
"Apache Struts Cross-Site Scripting"
Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

INFO

Published Date :

Feb. 26, 2025, 7:01 a.m.

Last Modified :

Feb. 26, 2025, 1:15 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2022-49355 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Linux linux_kernel
: Total Affected Vendor : 1 | Products : 1
Solution
This CVE ID has been rejected or withdrawn.
  • Consult the CVE Numbering Authority for more information.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2022-49355 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2022-49355 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Rejected by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 26, 2025

    Action Type Old Value New Value
  • CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 26, 2025

    Action Type Old Value New Value
    Changed Description In the Linux kernel, the following vulnerability has been resolved: xen: unexport __init-annotated xen_xlate_map_ballooned_pages() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because none of the in-tree call-sites (arch/arm/xen/enlighten.c, arch/x86/xen/grant-table.c) is compiled as modular. Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
    Removed Reference kernel.org: https://git.kernel.org/stable/c/0ddb4334f4136cd5c84885032894663a4d57928d
    Removed Reference kernel.org: https://git.kernel.org/stable/c/29a9935a90dd32b89d04e249e0a948cb4949e7af
    Removed Reference kernel.org: https://git.kernel.org/stable/c/40e6078fcf186b4f452abcbffcb004e28d750395
    Removed Reference kernel.org: https://git.kernel.org/stable/c/b43387364d8291190fd4ea1322b65c337802baa2
    Removed Reference kernel.org: https://git.kernel.org/stable/c/b49c884146e20314808c9420640b26876ff55c80
    Removed Reference kernel.org: https://git.kernel.org/stable/c/be9581f4fda795aa0e18cdc333efc1e447e1a55c
    Removed Reference kernel.org: https://git.kernel.org/stable/c/c0d076419136a7528abc1831847099400f61d60f
    Removed Reference kernel.org: https://git.kernel.org/stable/c/dbac14a5a05ff8e1ce7c0da0e1f520ce39ec62ea
    Removed Reference kernel.org: https://git.kernel.org/stable/c/f319c9b45b351019349cc779ce6721ebc211245c
  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Feb. 26, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: xen: unexport __init-annotated xen_xlate_map_ballooned_pages() EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic. modpost used to detect it, but it has been broken for a decade. Recently, I fixed modpost so it started to warn it again, then this showed up in linux-next builds. There are two ways to fix it: - Remove __init - Remove EXPORT_SYMBOL I chose the latter for this case because none of the in-tree call-sites (arch/arm/xen/enlighten.c, arch/x86/xen/grant-table.c) is compiled as modular.
    Added Reference https://git.kernel.org/stable/c/0ddb4334f4136cd5c84885032894663a4d57928d
    Added Reference https://git.kernel.org/stable/c/29a9935a90dd32b89d04e249e0a948cb4949e7af
    Added Reference https://git.kernel.org/stable/c/40e6078fcf186b4f452abcbffcb004e28d750395
    Added Reference https://git.kernel.org/stable/c/b43387364d8291190fd4ea1322b65c337802baa2
    Added Reference https://git.kernel.org/stable/c/b49c884146e20314808c9420640b26876ff55c80
    Added Reference https://git.kernel.org/stable/c/be9581f4fda795aa0e18cdc333efc1e447e1a55c
    Added Reference https://git.kernel.org/stable/c/c0d076419136a7528abc1831847099400f61d60f
    Added Reference https://git.kernel.org/stable/c/dbac14a5a05ff8e1ce7c0da0e1f520ce39ec62ea
    Added Reference https://git.kernel.org/stable/c/f319c9b45b351019349cc779ce6721ebc211245c
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.