From e4c3d3526d19d4b3d6b16cef7dc87ac62c75c217 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 23 Sep 2022 20:59:57 +0200
Subject: Add CVE-2022-35256/nodejs

---
 data/CVE/list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'data/CVE/list')

diff --git a/data/CVE/list b/data/CVE/list
index 029e527d86..709b28c740 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15524,8 +15524,11 @@ CVE-2022-35258
 	RESERVED
 CVE-2022-35257
 	RESERVED
-CVE-2022-35256
+CVE-2022-35256 [HTTP Request Smuggling Due to Incorrect Parsing of Header Fields]
 	RESERVED
+	- nodejs <unfixed>
+	- llhttp <itp> (bug #977716)
+	NOTE: https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256
 CVE-2022-35255
 	RESERVED
 CVE-2022-35254
-- 
cgit v1.2.3