diff options
author | Moritz Mühlenhoff <jmm@debian.org> | 2022-01-21 15:59:36 +0100 |
---|---|---|
committer | Moritz Mühlenhoff <jmm@debian.org> | 2022-01-21 15:59:36 +0100 |
commit | e10eeb0dff8b870ae71a3e01bc04a72b9df1e8c6 (patch) | |
tree | 6a5fae04d064d28d114b6927e9d90d7802e9f4e5 | |
parent | 9f7c8d297cb6519be8e315c4ad415654cef690e4 (diff) |
node-fetch spu
-rw-r--r-- | data/CVE/2022.list | 1 | ||||
-rw-r--r-- | data/next-point-update.txt | 2 |
2 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 6fde548780..4b4e55170e 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1450,6 +1450,7 @@ CVE-2022-0236 (The WP Import Export WordPress plugin (both free and premium vers NOT-FOR-US: WordPress plugin CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information to an Un ...) - node-fetch 2.6.1-7 + [bullseye] - node-fetch <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/ NOTE: Fixed by: https://github.com/node-fetch/node-fetch/commit/f5d3cf5e2579cb8f4c76c291871e69696aef8f80 (v3.1.1) CVE-2022-0234 diff --git a/data/next-point-update.txt b/data/next-point-update.txt index 223f51c148..e0d07071f5 100644 --- a/data/next-point-update.txt +++ b/data/next-point-update.txt @@ -42,3 +42,5 @@ CVE-2021-3997 [bullseye] - systemd 247.3-7 CVE-2020-18442 [bullseye] - zziplib 0.13.62-3.3+deb11u1 +CVE-2022-0235 + [bullseye] - node-fetch 2.6.1-5+deb11u1 |