[Git][security-tracker-team/security-tracker][master] CVE-2022-0436/grunt unfixed #1009676)
Neil Williams (@codehelp)
codehelp at debian.org
Thu Apr 14 09:29:35 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
75ad79e0 by Neil Williams at 2022-04-14T09:29:10+01:00
CVE-2022-0436/grunt unfixed #1009676)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13671,7 +13671,10 @@ CVE-2022-24283
CVE-2022-0437 (Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14. ...)
NOT-FOR-US: Node karma
CVE-2022-0436 (Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2. ...)
- TODO: check
+ - grunt <unfixed> (bug #1009676)
+ NOTE: https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665 (v1.5.0)
+ NOTE: https://github.com/gruntjs/grunt/pull/1740
+ NOTE: https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b
CVE-2021-46669 (MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_ ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75ad79e005f7db655cfbea98464b6686783b26d3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75ad79e005f7db655cfbea98464b6686783b26d3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220414/f17c4081/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list