diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2022-04-29 15:43:04 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-04-29 15:43:04 +0200 |
| commit | bc10ea95c8dd34ce90dbee2e8fe15ab5640b6bc3 (patch) | |
| tree | 08b40cc444be6dfdb7cc6e7e1b431618ad6c47a7 | |
| parent | 1b822951b10c0a7816a3a64181ca1d62f7e3aa70 (diff) | |
node-ejs fixed in sid
| -rw-r--r-- | data/CVE/list | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 79fccae76c..20065752d5 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -2332,7 +2332,7 @@ CVE-2022-29080 (The npm-dependency-versions package through 0.3.0 for Node.js al CVE-2022-29079 RESERVED CVE-2022-29078 (The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js ...) - - node-ejs <unfixed> (bug #1010359) + - node-ejs 3.1.7-1 (bug #1010359) NOTE: https://eslam.io/posts/ejs-server-side-template-injection-rce/ NOTE: https://github.com/mde/ejs/commit/15ee698583c98dadc456639d6245580d17a24baf (v3.1.7) CVE-2022-29077 (A heap-based buffer overflow exists in rippled before 1.8.5. The vulne ...) |