Add CVE-2022-40716/consul

author: Salvatore Bonaccorso <carnil@debian.org> 2022-09-24 13:29:55 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-09-24 13:29:55 +0200
commit: afada32c3121eae7874eaf46d7793c9dde67fc0d (patch)
tree: 69950653a98677132f2a7d61d804afca6c641f7e /data/CVE/list
parent: 5029a903c6c567427f7216841292db735b5783e9 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 900290dde9..3e03e90919 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1466,7 +1466,8 @@ CVE-2022-40718
 CVE-2022-40717
 	RESERVED
 CVE-2022-40716 (HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13. ...)
-	TODO: check
+	- consul <unfixed>
+	NOTE: https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628
 CVE-2022-40715 (An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Trave ...)
 	NOT-FOR-US: NOKIA
 CVE-2022-40714 (An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists u ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-09-24 13:29:55 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-09-24 13:29:55 +0200
commit	afada32c3121eae7874eaf46d7793c9dde67fc0d (patch)
tree	69950653a98677132f2a7d61d804afca6c641f7e /data/CVE/list
parent	5029a903c6c567427f7216841292db735b5783e9 (diff)