[Git][security-tracker-team/security-tracker][master] CVE-2022-0144/node-shelljs: stretch end-of-life

Sylvain Beucler (@beuc) beuc at debian.org
Fri Jan 14 18:45:53 GMT 2022 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
86571f36 by Sylvain Beucler at 2022-01-14T19:45:34+01:00
CVE-2022-0144/node-shelljs: stretch end-of-life

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1644,6 +1644,7 @@ CVE-2022-22731
 	RESERVED
 CVE-2022-0144 (shelljs is vulnerable to Improper Privilege Management ...)
 	- node-shelljs 0.8.5+~cs0.8.10-1
+	[stretch] - node-shelljs <end-of-life> (Nodejs in stretch not covered by security support)
 	NOTE: https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c/
 	NOTE: https://github.com/shelljs/shelljs/issues/1058
 	NOTE: https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c (v0.8.5)
@@ -19589,7 +19590,7 @@ CVE-2021-3805 (object-path is vulnerable to Improperly Controlled Modification o
 	- node-object-path 0.11.8-1
 	[bullseye] - node-object-path 0.11.5-3+deb11u1
 	[buster] - node-object-path <no-dsa> (Minor issue)
-	[stretch] - node-object-path <no-dsa> (Minor issue)
+	[stretch] - node-object-path <end-of-life> (Nodejs in stretch not covered by security support)
 	NOTE: https://huntr.dev/bounties/571e3baf-7c46-46e3-9003-ba7e4e623053
 	NOTE: https://github.com/mariocasciaro/object-path/commit/e6bb638ffdd431176701b3e9024f80050d0ef0a6
 CVE-2021-41303 (Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86571f3680ecb8c930a2c81881b2d49680b5d4de

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86571f3680ecb8c930a2c81881b2d49680b5d4de
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220114/1c717fe7/attachment.htm>

More information about the debian-security-tracker-commits mailing list