Guilhem Moulin pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0d7bcbe5 by Guilhem Moulin at 2023-02-25T19:21:16+01:00
Add links to follow-up commits for CVE-2022-32212/nodejs.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60767,7 +60767,9 @@ CVE-2022-32212 (A OS Command Injection vulnerability
exists in Node.js versions
- nodejs 18.6.0+dfsg-3
NOTE:
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-ip-addresses-high-cve-2022-32212
NOTE:
https://github.com/nodejs/node/commit/48c5aa5cab718d04473fa2761d532657c84b8131
(v14.x)
+ NOTE:
https://github.com/nodejs/node/commit/a1121b456c54b16d980881f821cd700c6a4ca537
(14.20.1) (follow-up)
NOTE:
https://github.com/nodejs/node/commit/1aa5036c31ac2a9b2a2528af454675ad412f1464
(main)
+ NOTE:
https://github.com/nodejs/node/commit/b358fb27a4253c6827378a64163448c04301e19c
(main) (follow-up)
CVE-2022-32211 (A SQL injection vulnerability exists in Rocket.Chat
<v3.18.6, <v ...)
NOT-FOR-US: Rockert.Chat
CVE-2022-32210 (`Undici.ProxyAgent` never verifies the remote server's
certificate, an ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d7bcbe5214b880c09c41e0de40ae4d5ecdc1954
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d7bcbe5214b880c09c41e0de40ae4d5ecdc1954
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
