Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
286cfb03 by Salvatore Bonaccorso at 2022-05-01T17:23:27+02:00
Add CVE-2022-21227/node-sqlite3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11362,8 +11362,12 @@ CVE-2022-21231
RESERVED
CVE-2022-21230
RESERVED
-CVE-2022-21227
+CVE-2022-21227 [Denial-of-Service due to fatal error when binding invalid
parameters]
RESERVED
+ - node-sqlite3 <unfixed>
+ NOTE: https://github.com/advisories/GHSA-9qrh-qjmc-5w2p
+ NOTE: Fixed by:
https://github.com/TryGhost/node-sqlite3/commit/593c9d498be2510d286349134537e3bf89401c4a
(v5.0.3)
+ NOTE: https://security.snyk.io/vuln/SNYK-JS-SQLITE3-2388645
CVE-2022-21223 (The package cocoapods-downloader before 1.6.2 are vulnerable
to Comman ...)
NOT-FOR-US: cocoapods-downloader
CVE-2022-21222
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/286cfb03246c52c448270c15edd35671ddfc2a51
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/286cfb03246c52c448270c15edd35671ddfc2a51
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
