summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMoritz Mühlenhoff <jmm@debian.org>2022-01-21 15:59:36 +0100
committerMoritz Mühlenhoff <jmm@debian.org>2022-01-21 15:59:36 +0100
commitdc105d55998325121fd6e3725783fdcf09b673ca (patch)
tree40cbfca716301dc297056f6a0ca80aae334cff98
parent898029c5a2d55febebb92970024c52f497458f55 (diff)
node-fetch spu
-rw-r--r--data/CVE/list.20221
-rw-r--r--data/next-point-update.txt2
2 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index 6fde548780..4b4e55170e 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1450,6 +1450,7 @@ CVE-2022-0236 (The WP Import Export WordPress plugin (both free and premium vers
NOT-FOR-US: WordPress plugin
CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information to an Un ...)
- node-fetch 2.6.1-7
+ [bullseye] - node-fetch <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/
NOTE: Fixed by: https://github.com/node-fetch/node-fetch/commit/f5d3cf5e2579cb8f4c76c291871e69696aef8f80 (v3.1.1)
CVE-2022-0234
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 223f51c148..e0d07071f5 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -42,3 +42,5 @@ CVE-2021-3997
[bullseye] - systemd 247.3-7
CVE-2020-18442
[bullseye] - zziplib 0.13.62-3.3+deb11u1
+CVE-2022-0235
+ [bullseye] - node-fetch 2.6.1-5+deb11u1

© 2014-2022 Faster IT GmbH | imprint | privacy policy