[Git][security-tracker-team/security-tracker][master] Add links to follow-up commits for CVE-2022-32212/nodejs.
Guilhem Moulin (@guilhem)
guilhem at debian.org
Sat Feb 25 18:21:59 GMT 2023
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0d7bcbe5 by Guilhem Moulin at 2023-02-25T19:21:16+01:00
Add links to follow-up commits for CVE-2022-32212/nodejs.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60767,7 +60767,9 @@ CVE-2022-32212 (A OS Command Injection vulnerability exists in Node.js versions
- nodejs 18.6.0+dfsg-3
NOTE: https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-ip-addresses-high-cve-2022-32212
NOTE: https://github.com/nodejs/node/commit/48c5aa5cab718d04473fa2761d532657c84b8131 (v14.x)
+ NOTE: https://github.com/nodejs/node/commit/a1121b456c54b16d980881f821cd700c6a4ca537 (14.20.1) (follow-up)
NOTE: https://github.com/nodejs/node/commit/1aa5036c31ac2a9b2a2528af454675ad412f1464 (main)
+ NOTE: https://github.com/nodejs/node/commit/b358fb27a4253c6827378a64163448c04301e19c (main) (follow-up)
CVE-2022-32211 (A SQL injection vulnerability exists in Rocket.Chat <v3.18.6, <v ...)
NOT-FOR-US: Rockert.Chat
CVE-2022-32210 (`Undici.ProxyAgent` never verifies the remote server's certificate, an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d7bcbe5214b880c09c41e0de40ae4d5ecdc1954
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d7bcbe5214b880c09c41e0de40ae4d5ecdc1954
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230225/bb450ae1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list