diff options
| author | Thorsten Alteholz <debian@alteholz.de> | 2022-09-25 16:23:47 +0200 |
|---|---|---|
| committer | Thorsten Alteholz <debian@alteholz.de> | 2022-09-25 16:23:47 +0200 |
| commit | 0684454437ba183b95f8fd75830d1d2887d14798 (patch) | |
| tree | 7680ceb6c200d9c34acd863866827c60d8217b01 | |
| parent | d7f8f3d0648ba55c543088f90ceb18610d11773d (diff) | |
mark CVE-2022-25869 and CVE-2022-25844 as no-dsa for Buster
| -rw-r--r-- | data/CVE/list | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 818b8276be..c9140feef8 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -42150,6 +42150,7 @@ CVE-2022-25871 (All versions of package querymen are vulnerable to Prototype Pol CVE-2022-25869 (All versions of package angular are vulnerable to Cross-site Scripting ...) - angular.js <unfixed> [bullseye] - angular.js <no-dsa> (Minor issue) + [buster] - angular.js <no-dsa> (Minor issue) NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-2949781 CVE-2022-25867 (The package io.socket:socket.io-client before 2.0.1 are vulnerable to ...) NOT-FOR-US: socket.io-client-java @@ -42206,6 +42207,7 @@ CVE-2022-25845 (The package com.alibaba:fastjson before 1.2.83 are vulnerable to CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular Expression D ...) - angular.js <unfixed> (bug #1014779) [bullseye] - angular.js <no-dsa> (Minor issue) + [buster] - angular.js <no-dsa> (Minor issue, probably even not-affected) [stretch] - angular.js <ignored> (Nodejs in stretch not covered by security support) NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735 CVE-2022-25843 |