diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-18 07:16:08 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-18 07:16:08 +0100 |
commit | 71f17240735217654f329b188da72fbe89346c42 (patch) | |
tree | c925e4c974f67b6bfbbd718af0cd2c1e93e37888 | |
parent | 14cf83c86a3f9a07a2831103ad0680f2ecc82059 (diff) |
Add CVE-2022-0639/node-url-parse
-rw-r--r-- | data/CVE/list.2022 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 04f8ae854a..5d024579f0 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -219,7 +219,9 @@ CVE-2022-0641 CVE-2022-0640 RESERVED CVE-2022-0639 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...) - TODO: check + - node-url-parse 1.5.7-1 + NOTE: https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155 + NOTE: https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788 (1.5.7) CVE-2022-0638 (Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber p ...) TODO: check CVE-2022-0637 |