From 47901bf62b788986bb8175d109ee0a4690792369 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 25 Jan 2022 22:00:55 +0100
Subject: CVE-2021-23518: Add reference back as incomplete fix for
 CVE-2018-16472

---
 data/CVE/list.2021 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index c18f1c9fa3..791332a5e2 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -56427,6 +56427,7 @@ CVE-2021-23518 (The package cached-path-relative before 1.1.0 are vulnerable to
 	- node-cached-path-relative <unfixed> (bug #1004338)
 	NOTE: https://github.com/ashaffer/cached-path-relative/commit/40c73bf70c58add5aec7d11e4f36b93d144bb760
 	NOTE: results from incomplete fix for https://security.snyk.io/vuln/SNYK-JS-CACHEDPATHRELATIVE-72573
+	NOTE: which was CVE-2018-16472.
 CVE-2021-23517
 	RESERVED
 CVE-2021-23516
-- 
cgit v1.2.3