[Git][security-tracker-team/security-tracker][master] Add CVE-2022-0155/node-follow-redirects
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jan 11 09:16:29 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef08d18c by Salvatore Bonaccorso at 2022-01-11T10:15:53+01:00
Add CVE-2022-0155/node-follow-redirects
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -891,7 +891,10 @@ CVE-2022-22815 (path_getbbox in path.c in Pillow before 9.0.0 improperly initial
CVE-2022-22814
RESERVED
CVE-2022-0155 (follow-redirects is vulnerable to Exposure of Private Personal Informa ...)
- TODO: check
+ - node-follow-redirects <unfixed>
+ NOTE: https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406
+ NOTE: https://github.com/follow-redirects/follow-redirects/issues/183
+ NOTE: https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22 (v1.14.7)
CVE-2022-22813
RESERVED
CVE-2022-22812
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef08d18cc1b39f72f8d5197bfd6a246630ffc456
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef08d18cc1b39f72f8d5197bfd6a246630ffc456
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220111/eaa15454/attachment.htm>
More information about the debian-security-tracker-commits
mailing list