diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-21 09:11:16 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-21 09:11:45 +0100 |
commit | 7ffa9c55b0c105d839adfb4e3ee54914c3ac7022 (patch) | |
tree | 550a2dd1b883aa3a4e31d4ab4dd62ac5a4c890b0 | |
parent | dd88829ac3a2a3d0bbeebbc79e4a3f624891a03b (diff) |
Add CVE-2022-23647/node-prismjs
-rw-r--r-- | data/CVE/list.2022 | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index cf044f172b..a0084db984 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -5217,7 +5217,10 @@ CVE-2022-23649 (Cosign provides container signing, verification, and storage in CVE-2022-23648 RESERVED CVE-2022-23647 (Prism is a syntax highlighting library. Starting with version 1.14.0 a ...) - TODO: check + - node-prismjs <unfixed> + NOTE: https://github.com/PrismJS/prism/security/advisories/GHSA-3949-f494-cm99 + NOTE: https://github.com/PrismJS/prism/pull/3341 + NOTE: https://github.com/PrismJS/prism/commit/e002e78c343154e1c0ddf9d6a0bb85689e1a5c7c (v1.27.0) CVE-2022-23646 (Next.js is a React framework. Starting with version 10.0.0 and prior t ...) TODO: check CVE-2022-23645 (swtpm is a libtpms-based TPM emulator with socket, character device, a ...) |