Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f6bad258 by Salvatore Bonaccorso at 2023-01-24T09:18:13+01:00
Add CVE-2022-3064/golang-yaml.v2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35534,7 +35534,9 @@ CVE-2022-3066 (An issue has been discovered in GitLab
affecting all versions sta
CVE-2022-3065 (Improper Access Control in GitHub repository jgraph/drawio
prior to 20 ...)
NOT-FOR-US: jgraph/drawio
CVE-2022-3064 (Parsing malicious or large YAML documents can consume excessive
amount ...)
- TODO: check
+ - golang-yaml.v2 2.2.8-1
+ NOTE:
https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5
(v2.2.4)
+ TODO: check if affect other versions of "go-yaml"
CVE-2022-3063
REJECTED
CVE-2022-3062 (The Simple File List WordPress plugin before 4.4.12 does not
escape pa ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6bad258e6b384885cd94ac90e023d45cbe7a781
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6bad258e6b384885cd94ac90e023d45cbe7a781
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
