[Git][security-tracker-team/security-tracker][master] CVE-2021-46708/swagger-ui <itp> #871461 and #895422
Neil Williams (@codehelp)
codehelp at debian.org
Mon Mar 14 09:45:34 GMT 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
623e8466 by Neil Williams at 2022-03-14T09:44:36+00:00
CVE-2021-46708/swagger-ui <itp> #871461 and #895422
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -684,7 +684,8 @@ CVE-2022-0924 (Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attack
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/311
NOTE: https://gitlab.com/libtiff/libtiff/-/commit/88d79a45a31c74cba98c697892fed5f7db8b963a
CVE-2021-46708 (The swagger-ui-dist package before 4.1.3 for Node.js could allow a rem ...)
- TODO: check
+ - node-swagger-ui <itp> (bug #871461)
+ - swagger-ui <itp> (bug #895422)
CVE-2020-36518 (jackson-databind before 2.13.0 allows a Java StackOverflow exception a ...)
- jackson-databind <unfixed> (bug #1007109)
NOTE: https://github.com/FasterXML/jackson-databind/issues/2816
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/623e84666d4aac3b21415fea510b278448294400
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/623e84666d4aac3b21415fea510b278448294400
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220314/a6afc56f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list