[Git][security-tracker-team/security-tracker][master] CVE-2021-23334 confirmed to be rejected (withdrawn by its CNA)
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jun 12 09:04:22 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e2f87754 by Salvatore Bonaccorso at 2021-06-12T10:03:53+02:00
CVE-2021-23334 confirmed to be rejected (withdrawn by its CNA)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26861,11 +26861,8 @@ CVE-2021-23336 (The package python/cpython from 0 and before 3.6.13, from 3.7.0
NOTE: https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
CVE-2021-23335 (All versions of package is-user-valid are vulnerable to LDAP Injection ...)
NOT-FOR-US: Node is-user-valid
-CVE-2021-23334 (All versions of package static-eval are vulnerable to Arbitrary Code E ...)
- - node-static-eval <unfixed> (unimportant)
- NOTE: https://snyk.io/vuln/SNYK-JS-STATICEVAL-1056765
- NOTE: https://github.com/browserify/static-eval/issues/34
- NOTE: Explicitly documented as such by upstream: https://github.com/browserify/static-eval#security
+CVE-2021-23334
+ REJECTED
CVE-2021-23333
RESERVED
CVE-2021-23332
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2f87754f794e8f94abd4b68b73db5e57c70a9f3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2f87754f794e8f94abd4b68b73db5e57c70a9f3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210612/2b5ebbbc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list