[Git][security-tracker-team/security-tracker][master] Add upstream tag reference for upstream commit for CVE-2022-25883
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jul 10 19:46:47 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
96392bac by Salvatore Bonaccorso at 2023-07-10T20:46:03+02:00
Add upstream tag reference for upstream commit for CVE-2022-25883
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101638,7 +101638,7 @@ CVE-2022-25883 (Versions of the package semver before 7.5.2 are vulnerable to Re
[bullseye] - node-semver <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795
NOTE: https://github.com/npm/node-semver/pull/564
- NOTE: https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441
+ NOTE: https://github.com/npm/node-semver/commit/717534ee353682f3bcf33e60a8af4292626d4441 (v7.5.2)
CVE-2022-25882 (Versions of the package onnx before 1.13.0 are vulnerable to Directory ...)
NOT-FOR-US: onnx
CVE-2022-25881 (This affects versions of the package http-cache-semantics before 4.1.1 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96392bac22ebb3c55ce5cb6ab85f559619005b96
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96392bac22ebb3c55ce5cb6ab85f559619005b96
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230710/4228a139/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list