Add CVE-2022-35256/nodejs

author: Salvatore Bonaccorso <carnil@debian.org> 2022-09-23 20:59:57 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-09-23 20:59:57 +0200
commit: e4c3d3526d19d4b3d6b16cef7dc87ac62c75c217 (patch)
tree: 8faa8748050fb1325eddb6dc46608b7cc143042e /data/CVE/list
parent: a26468305b0b2750dcbb3888615471f4c608ab9a (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 029e527d86..709b28c740 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15524,8 +15524,11 @@ CVE-2022-35258
 	RESERVED
 CVE-2022-35257
 	RESERVED
-CVE-2022-35256
+CVE-2022-35256 [HTTP Request Smuggling Due to Incorrect Parsing of Header Fields]
 	RESERVED
+	- nodejs <unfixed>
+	- llhttp <itp> (bug #977716)
+	NOTE: https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256
 CVE-2022-35255
 	RESERVED
 CVE-2022-35254
author	Salvatore Bonaccorso <carnil@debian.org>	2022-09-23 20:59:57 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-09-23 20:59:57 +0200
commit	e4c3d3526d19d4b3d6b16cef7dc87ac62c75c217 (patch)
tree	8faa8748050fb1325eddb6dc46608b7cc143042e /data/CVE/list
parent	a26468305b0b2750dcbb3888615471f4c608ab9a (diff)