linux_kernel_cves
linux_kernel_cves copied to clipboard
nluedtke
Tracking CVEs for the linux Kernel
Bumps [json5](https://github.com/json5/json5) to 2.2.3 and updates ancestor dependencies [json5](https://github.com/json5/json5), [json5](https://github.com/json5/json5) and [@vue/cli-plugin-babel](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-babel). These dependencies need to be updated together. Updates `json5` from 2.2.1 to 2.2.3 Release notes Sourced from json5's...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
**Change Type Requested** Update **CVE id number** CVE-2022-47946 **References** (https://github.com/gregkh/linux/commit/0f544353fec8e717d37724d95b92538e1de79e86) in 5.10.155 fixes it (https://github.com/gregkh/linux/commit/a63d9157571b52f7339d6db4c2ab7bc3bfe527c0) in 5.10.12 backported the offending code (https://github.com/torvalds/linux/commit/d9d05217cb6990b9a56e13b56e7a1b71e2551f6c) in 5.11-rc3 was the original commit **Additional context**...
Bumps [json5](https://github.com/json5/json5) to 2.2.3 and updates ancestor dependencies [json5](https://github.com/json5/json5), [@vue/cli-plugin-babel](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-babel) and [stylus-loader](https://github.com/webpack-contrib/stylus-loader). These dependencies need to be updated together. Updates `json5` from 2.2.1 to 2.2.3 Release notes Sourced from json5's...
**Change Type Requested** Add/Remove/Update **CVE id number** CVE-XXXX-XXXXXX **References** Links providing information on the CVE. **Additional context** Add any other context or information you can provide.
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...
**Change Type Requested** Add/Remove/Update **CVE id number** CVE-XXXX-XXXXXX **References** Links providing information on the CVE. **Additional context** Add any other context or information you can provide.
Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 9.18.5 to 10.7.3. Release notes Sourced from highlight.js's releases. 10.7.3 fix(parser) Resolves issue with missing TypeScript property Jacob Swanner No other changes. Version 10.7.2 This is a...
**Change Type Requested** Update **CVE id number** CVE-2022-1786 **References** https://github.com/torvalds/linux/commit/29f077d070519a88a793fbc70f1e6484dc6d9e35 **Additional context** In file "data/5.10/5.10_security.txt" the CVE's commit ID is right, but the subject of git log is wrong. Please...
**Change Type Requested** Update **CVE id number** CVE-2020-36775 **References** https://github.com/gregkh/linux/commit/0478ccdc8ea016de1ebaf6fe6da0275c2b258c5b https://github.com/torvalds/linux/commit/687de7f1010cb819d04b768556960d3689abe02b https://github.com/torvalds/linux/commit/344150999b7fc88502a65bbb147a47503eca2033 https://github.com/torvalds/linux/commit/687de7f1010cb819d04b768556960d3689abe02b **Additional context** The first commit is a backport to 5.4.189, which says it backports df77fbd8c5b222c680444801ffd20e8bbc90a56e. But if...
**Change Type Requested** Update **CVE id number** CVE-2021-47124 CVE-2023-52479 CVE-2023-52480 CVE-2023-52563 CVE-2023-52571 CVE-2023-52589 CVE-2023-52593 CVE-2023-52618 **Additional context** These bugs all affect drivers that were introduced at some time, but the...