Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fbf7ed27 by Salvatore Bonaccorso at 2023-05-05T21:25:11+02:00
Update information for CVE-2023-2251/node-yaml
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -820,8 +820,11 @@ CVE-2023-2252
RESERVED
CVE-2023-2251 (Uncaught Exception in GitHub repository eemeli/yaml prior to
2.0.0-4.)
- node-yaml <unfixed>
+ [bullseye] - node-yaml <not-affected> (Vulnerable code not present)
NOTE: https://huntr.dev/bounties/4b494e99-5a3e-40d9-8678-277f3060e96c
- NOTE:
https://www.github.com/eemeli/yaml/commit/984f5781ffd807e58cad3b5c8da1f940dab75fba
(v2.2.2)
+ NOTE: https://github.com/advisories/GHSA-f9xv-q969-pqx4
+ NOTE: Introduced by:
https://github.com/eemeli/yaml/commit/89119eeec4a305d741b26d1a49ffa1ac67394a8e#diff-55db69e02ff5714d444d8081ec6ecac5d9833fb29fda64d1e829e5766434fdc0R97
(v2.0.0-5)
+ NOTE: Fixed by:
https://www.github.com/eemeli/yaml/commit/984f5781ffd807e58cad3b5c8da1f940dab75fba
(v2.2.2)
CVE-2023-2250 (A flaw was found in the Open Cluster Management (OCM) when a
user have ...)
NOT-FOR-US: Open Cluster Management (OCM)
CVE-2023-2249
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbf7ed27b62f3c7283eab014d20aeb1faf453d16
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbf7ed27b62f3c7283eab014d20aeb1faf453d16
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
