[Git][security-tracker-team/security-tracker][master] CVE-2021-22939/nodejs: reference patch
Sylvain Beucler (@beuc)
beuc at debian.org
Tue Sep 6 18:17:16 BST 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1300eaef by Sylvain Beucler at 2022-09-06T19:11:44+02:00
CVE-2021-22939/nodejs: reference patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -115436,6 +115436,7 @@ CVE-2021-22939 (If the Node.js https API was used incorrectly and "undefined" wa
- nodejs 12.22.5~dfsg-1
[bullseye] - nodejs 12.22.5~dfsg-2~11u1
[stretch] - nodejs <end-of-life> (Nodejs in stretch not covered by security support)
+ NOTE: https://github.com/nodejs/node/commit/1780bbc3291357f7c3370892eb311fc7a62afe8d (v12.22.5)
NOTE: https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/#incomplete-validation-of-rejectunauthorized-parameter-low-cve-2021-22939
CVE-2021-22938 (A vulnerability in Pulse Connect Secure before 9.1R12 could allow an a ...)
NOT-FOR-US: Pulse Connect Secure
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1300eaef415f4e3ddc1913abcda60357d7cb9db7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1300eaef415f4e3ddc1913abcda60357d7cb9db7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220906/37d6bd81/attachment.htm>
More information about the debian-security-tracker-commits
mailing list