From afada32c3121eae7874eaf46d7793c9dde67fc0d Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 24 Sep 2022 13:29:55 +0200
Subject: Add CVE-2022-40716/consul

---
 data/CVE/list | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'data/CVE/list')

diff --git a/data/CVE/list b/data/CVE/list
index 900290dde9..3e03e90919 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1466,7 +1466,8 @@ CVE-2022-40718
 CVE-2022-40717
 	RESERVED
 CVE-2022-40716 (HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13. ...)
-	TODO: check
+	- consul <unfixed>
+	NOTE: https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628
 CVE-2022-40715 (An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Trave ...)
 	NOT-FOR-US: NOKIA
 CVE-2022-40714 (An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists u ...)
-- 
cgit v1.2.3