diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-20 21:18:09 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-20 21:18:09 +0100 |
commit | f2bf2a3f2f490c08698caeec4c0085dae040897d (patch) | |
tree | 51f01b547db9f26eac79879999c67bbe2120258e | |
parent | 39a07dd8f5aad28b477ac5b29e18c343a10e4738 (diff) |
Add CVE-2022-0686/node-url-parse
-rw-r--r-- | data/CVE/list.2022 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 4ada6fee51..1f7e2fb1ad 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -25,7 +25,9 @@ CVE-2022-0688 (Business Logic Errors in Packagist microweber/microweber prior to CVE-2022-0687 RESERVED CVE-2022-0686 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...) - TODO: check + - node-url-parse <unfixed> + NOTE: https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c + NOTE: https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5 (1.5.8) CVE-2022-0685 (Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...) TODO: check CVE-2022-0684 |