Good Afternoon, I’m writing to inquire about the applicability of a couple CVEs to the Bullseye release. The two CVEs below are popping in our Prisma scans as vulnerable, however I noticed on the Debian site that Bullseye
isn’t listed. This seemed to deviate from the majority of CVEs we’re reviewing. Are you able to confirm that if a CVE page doesn’t list a release in the tracker that we’re to assume the release isn’t vulnerable? https://security-tracker.debian.org/tracker/CVE-2022-24675 https://security-tracker.debian.org/tracker/CVE-2022-28327 Also, confirming my email subscription via
CONFIRM s2022062918105226032. Thank you, Griffin Weikel Security Risk Engineering Manager M: (443) 745-4594 LinkedIn
| Twitter | YouTube
| Facebook |