diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-10-28 09:48:30 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-10-28 09:48:30 +0200 |
commit | 64b780a63ea6933076b95cfe2065e74809e45eee (patch) | |
tree | c56023db32ebf525f6fa3bcf8e5f1d1e5b97e028 /data | |
parent | 3ecc02cf4226a41e41c1b474021ef1673d9698f8 (diff) |
Add Debian bug reference for nodejs issues
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index 1162ebdaa8..525abd6f47 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1132,7 +1132,7 @@ CVE-2023-5625 - python-eventlet <not-affected> (Red Hat-specific regression) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2244717 CVE-2023-39333 - - nodejs <unfixed> + - nodejs <unfixed> (bug #1054892) [bullseye] - nodejs <not-affected> (Only affects 18.x and later) [buster] - nodejs <not-affected> (Only affects 18.x and later) NOTE: https://nodejs.org/en/blog/vulnerability/october-2023-security-releases#code-injection-via-webassembly-export-names-low---cve-2023-39333 @@ -1925,7 +1925,7 @@ CVE-2023-39277 (SonicOS post-authentication stack-based buffer overflow vulnerab CVE-2023-39276 (SonicOS post-authentication stack-based buffer overflow vulnerability ...) NOT-FOR-US: SonicOS CVE-2023-38552 (When the Node.js policy feature checks the integrity of a resource aga ...) - - nodejs <unfixed> + - nodejs <unfixed> (bug #1054892) [bullseye] - nodejs <not-affected> (Only affects 18.x and later) [buster] - nodejs <not-affected> (Only affects 18.x and later) NOTE: https://nodejs.org/en/blog/vulnerability/october-2023-security-releases#integrity-checks-according-to-policies-can-be-circumvented-medium---cve-2023-38552 |