[Git][security-tracker-team/security-tracker][master] Add CVE-2022-32511/ruby-jmespath
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 9 08:30:51 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c2e286a7 by Salvatore Bonaccorso at 2022-06-09T09:30:16+02:00
Add CVE-2022-32511/ruby-jmespath
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -153,7 +153,9 @@ CVE-2022-32513
CVE-2022-32512
RESERVED
CVE-2022-32511 (jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a s ...)
- TODO: check
+ - ruby-jmespath <unfixed>
+ NOTE: https://github.com/jmespath/jmespath.rb/pull/55
+ NOTE: https://github.com/jmespath/jmespath.rb/commit/e8841280053a9d9a0c90f36223f926c8b9e4ec49 (v1.6.1)
CVE-2022-32510
RESERVED
CVE-2022-32509
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2e286a7b1a11c52c9b410755d7542bead0b1e07
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2e286a7b1a11c52c9b410755d7542bead0b1e07
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220609/11191f02/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list