diff options
| author | Sylvain Beucler <beuc@beuc.net> | 2020-02-20 14:42:41 +0100 |
|---|---|---|
| committer | Sylvain Beucler <beuc@beuc.net> | 2020-02-20 14:42:41 +0100 |
| commit | 08089a8f81e02bb85bd7c7e5697f099319df2469 (patch) | |
| tree | 9347fb9faf6b5903ade3fa4dab18f1df92c9a50f | |
| parent | 5eee24152822d6a8b0a8fe563312e34a8953c4b6 (diff) | |
CVE-2019-15604,CVE-2019-15606/nodejs: reference 10.x commits
| -rw-r--r-- | data/CVE/list | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index 5f8842de93..448614fbce 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -32314,7 +32314,7 @@ CVE-2019-15607 (A stored XSS vulnerability is present within node-red (version: CVE-2019-15606 (Including trailing white space in HTTP header values in Nodejs 10, 12, ...) - nodejs <unfixed> NOTE: https://hackerone.com/reports/730779 - NOTE: https://github.com/nodejs/node/commit/25b6897e8a1072bd38b7d12d3ec6920bfe1c8de3 + NOTE: https://github.com/nodejs/node/commit/2eee90e959ca4abaf53caf238d063c396f2ea17c (10.x) CVE-2019-15605 (HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...) - nodejs <unfixed> - http-parser <unfixed> @@ -32323,7 +32323,7 @@ CVE-2019-15605 (HTTP request smuggling in Node.js 10, 12, and 13 causes maliciou CVE-2019-15604 (Improper Certificate Validation in Node.js 10, 12, and 13 causes the p ...) - nodejs <unfixed> NOTE: https://hackerone.com/reports/746733 - NOTE: https://github.com/nodejs/node/commit/1156a9e5f849f32a3664587f9cf37cd876fe0dd1 + NOTE: https://github.com/nodejs/node/commit/f940bee3b7da865e28093472dee9ce664f273f6d (10.x) CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scriptin ...) NOT-FOR-US: seefl CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and escapin ...) |