diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-21 21:26:35 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-21 21:26:35 +0100 |
| commit | 6bb3d8dcefd5759e166a3a89c3a5dda81c0cb327 (patch) | |
| tree | b586b43f28d29ccf3feb93228471f3262fb08d58 | |
| parent | 666b7dfc17d5abb2c959e122fa49658f5b66ba17 (diff) | |
Add CVE-2022-0691/node-url-parse
| -rw-r--r-- | data/CVE/list.2022 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 9340ecc4c9..09aaf6c9be 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -551,7 +551,9 @@ CVE-2022-0693 CVE-2022-0692 (Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to ...) NOT-FOR-US: alltube CVE-2022-0691 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...) - TODO: check + - node-url-parse 1.5.9+~1.4.8-1 + NOTE: https://huntr.dev/bounties/57124ed5-4b68-4934-8325-2c546257f2e4 + NOTE: https://github.com/unshiftio/url-parse/commit/0e3fb542d60ddbf6933f22eb9b1e06e25eaa5b63 (1.5.9) CVE-2022-25369 RESERVED CVE-2022-25368 |