[Git][security-tracker-team/security-tracker][master] Add CVE-2022-0144/node-shelljs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jan 11 19:59:29 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b930f16d by Salvatore Bonaccorso at 2022-01-11T20:59:01+01:00
Add CVE-2022-0144/node-shelljs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1197,7 +1197,10 @@ CVE-2022-22732
CVE-2022-22731
RESERVED
CVE-2022-0144 (shelljs is vulnerable to Improper Privilege Management ...)
- TODO: check
+ - node-shelljs 0.8.5+~cs0.8.10-1
+ NOTE: https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c/
+ NOTE: https://github.com/shelljs/shelljs/issues/1058
+ NOTE: https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c (v0.8.5)
CVE-2022-0143
RESERVED
CVE-2022-0142
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b930f16d934ee75e5b857024604fd110d84ad60d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b930f16d934ee75e5b857024604fd110d84ad60d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220111/1028e267/attachment.htm>
More information about the debian-security-tracker-commits
mailing list