[Git][security-tracker-team/security-tracker][master] mark CVE-2020-36604 as not-affected for Buster
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Sat Sep 24 10:29:16 BST 2022
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
495bc703 by Thorsten Alteholz at 2022-09-24T11:28:31+02:00
mark CVE-2020-36604 as not-affected for Buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -78,6 +78,7 @@ CVE-2022-3277 [unrestricted creation of security groups]
TODO: details missing on RH bugzilla entry
CVE-2020-36604 (hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in t ...)
- node-hoek 9.0.3+~5.0.0+~4.0.0-1
+ [buster] - node-hoek <not-affected> (Vulnerable code not present)
NOTE: https://github.com/hapijs/hoek/issues/352
NOTE: Fixed by: https://github.com/hapijs/hoek/commit/948baf98634a5c206875b67d11368f133034fa90 (v9.0.3)
CVE-2022-3276
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/495bc703711f5b44ddd95e236be389f9c2a4ec03
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/495bc703711f5b44ddd95e236be389f9c2a4ec03
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220924/620cbdd7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list