[Git][security-tracker-team/security-tracker][master] Add CVE-2022-21670/node-markdown-it

Tue Jan 11 09:24:27 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
242f4e24 by Salvatore Bonaccorso at 2022-01-11T10:21:49+01:00
Add CVE-2022-21670/node-markdown-it

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9352,7 +9352,9 @@ CVE-2022-21672 (make-ca is a utility to deliver and manage a complete PKI config
 CVE-2022-21671
 	RESERVED
 CVE-2022-21670 (markdown-it is a Markdown parser. Prior to version 1.3.2, special patt ...)
-	TODO: check
+	- node-markdown-it <unfixed>
+	NOTE: https://github.com/markdown-it/markdown-it/security/advisories/GHSA-6vfc-qv3f-vr6c
+	NOTE: https://github.com/markdown-it/markdown-it/commit/ffc49ab46b5b751cd2be0aabb146f2ef84986101 (12.3.2)
 CVE-2022-21669
 	RESERVED
 CVE-2022-21668 (pipenv is a Python development workflow tool. Starting with version 20 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/242f4e24cc6fb734de25f3afb180fc7110c24dfd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/242f4e24cc6fb734de25f3afb180fc7110c24dfd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220111/55fb5a12/attachment.htm>
