nodejs: ignore CVE-2024-22017 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-01-02 12:28:58 +0100
committer	Gyorgy Sarvari <skandigraun@gmail.com>	2026-01-08 22:03:03 +0100
commit	ab83c61385854a2d333ed25c238c736bb596ce96 (patch)
tree	7a64aec4596967c103977d7cd09d2224ad77609b /meta-python/recipes-devtools
parent	f9ed3b8197d024b291fb100205fcfd371275f0db (diff)
download	meta-openembedded-ab83c61385854a2d333ed25c238c736bb596ce96.tar.gz

nodejs: ignore CVE-2024-22017

Details: https://nvd.nist.gov/vuln/detail/CVE-2024-22017 The vulnerability is related to the io_uring usage of libuv. Libuv first introduced io_uring support in v1.45[1]. oe-core ships a non-vulnerable version (1.44.2), and nodejs vendors also an older version (1.43). Mark this CVE as ignored for this recipe version. [1]: https://github.com/libuv/libuv/commit/d2c31f429b87b476a7f1344d145dad4752a406d4 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: