diff options
| author | Neil Williams <codehelp@debian.org> | 2022-01-25 14:29:39 +0000 |
|---|---|---|
| committer | Neil Williams <codehelp@debian.org> | 2022-01-25 14:29:39 +0000 |
| commit | bf7d964b45311c1ff9a63d54ec7913b096f4c4a6 (patch) | |
| tree | a3c407d3bc172c1fed87a4d5ea8410b9b054fa74 | |
| parent | c8da20c780ce9f3a281ab72dc7b8385e45d66239 (diff) | |
Add CVE-2021-23567 colors.js <not-affected>
| -rw-r--r-- | data/CVE/list.2021 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 4478d733e3..2a73934e81 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -56312,7 +56312,9 @@ CVE-2021-23569 CVE-2021-23568 (The package extend2 before 1.0.1 are vulnerable to Prototype Pollution ...) NOT-FOR-US: extend2 (fork of node-extend which is not affected) CVE-2021-23567 (The package colors after 1.4.0 are vulnerable to Denial of Service (Do ...) - TODO: check + - colors.js <not-affected> (Vulnerable code never in a released Debian version) + NOTE: https://github.com/Marak/colors.js/issues/285 + NOTE: https://github.com/Marak/colors.js/commit/074a0f8ed0c31c35d13d28632bd8a049ff136fb6 CVE-2021-23566 (The package nanoid before 3.1.31 are vulnerable to Information Exposur ...) NOT-FOR-US: Node nanoid (NaN0-1D) CVE-2021-23565 |