From e2f87754f794e8f94abd4b68b73db5e57c70a9f3 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 12 Jun 2021 10:03:53 +0200
Subject: CVE-2021-23334 confirmed to be rejected (withdrawn by its CNA)

---
 data/CVE/list | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 4defc2124f..2593cd82b8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -26861,11 +26861,8 @@ CVE-2021-23336 (The package python/cpython from 0 and before 3.6.13, from 3.7.0
 	NOTE: https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
 CVE-2021-23335 (All versions of package is-user-valid are vulnerable to LDAP Injection ...)
 	NOT-FOR-US: Node is-user-valid
-CVE-2021-23334 (All versions of package static-eval are vulnerable to Arbitrary Code E ...)
-	- node-static-eval <unfixed> (unimportant)
-	NOTE: https://snyk.io/vuln/SNYK-JS-STATICEVAL-1056765
-	NOTE: https://github.com/browserify/static-eval/issues/34
-	NOTE: Explicitly documented as such by upstream: https://github.com/browserify/static-eval#security
+CVE-2021-23334
+	REJECTED
 CVE-2021-23333
 	RESERVED
 CVE-2021-23332
-- 
cgit v1.2.3