CVS commit: pkgsrc/doc

["Thomas Klausner" <wiz%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   wiz
Date:           Thu May 15 06:31:18 UTC 2025

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
doc: add a nodejs vulnerability


To generate a diff of this commit:
cvs rdiff -u -r1.367 -r1.368 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.367 pkgsrc/doc/pkg-vulnerabilities:1.368
--- pkgsrc/doc/pkg-vulnerabilities:1.367        Tue May 13 20:47:39 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Thu May 15 06:31:18 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.367 2025/05/13 20:47:39 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.368 2025/05/15 06:31:18 wiz Exp $
 #
 #FORMAT 1.0.0
 #
@@ -26187,3 +26187,6 @@ screen>=5<5.0.0nb3      multiple-vulnerabilit
 open-vm-tools<12.5.2   insecure-file-handling  https://nvd.nist.gov/vuln/detail/CVE-2025-22247
 varnish<7.7.1  request-smuggling       https://varnish-cache.org/security/VSV00016.html
 py{39,310,311,312,313}-flask>=3.1.0<3.1.1      improper-access-control         https://nvd.nist.gov/vuln/detail/CVE-2025-47278
+nodejs>=20<20.19.2     request-smuggling       https://nvd.nist.gov/vuln/detail/CVE-2025-23166
+nodejs>=22<22.15.1     request-smuggling       https://nvd.nist.gov/vuln/detail/CVE-2025-23166
+nodejs>=24<24.0.2      request-smuggling       https://nvd.nist.gov/vuln/detail/CVE-2025-23166