Update entry for CVE-2020-28282: Associate with node-getobject

author: Salvatore Bonaccorso <carnil@debian.org> 2021-10-10 20:28:56 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-10-10 20:28:56 +0200
commit: 4fd290b1f878243c635b851db103e9a91415aa02 (patch)
tree: 6d9b42ea0a82c9491fe46d7907230fe36fa82e48 /data/CVE/list.2020
parent: afdc6e7664a1d60a44815b998f6dfa306c20cecd (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index e4384397a9..cc4bde2057 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -6691,7 +6691,8 @@ CVE-2020-28284
 CVE-2020-28283 (Prototype pollution vulnerability in 'libnested' versions 0.0.0 throug ...)
 	NOT-FOR-US: libnested
 CVE-2020-28282 (Prototype pollution vulnerability in 'getobject' version 0.1.0 allows  ...)
-	NOT-FOR-US: Node getobject
+	- node-getobject 1.0.2-1
+	NOTE: https://github.com/cowboy/node-getobject/commit/84071748fa407caa8f824e0d0b9c1cde9ec56633 (v1.0.0)
 CVE-2020-28281 (Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 ...)
 	NOT-FOR-US: react-atomic-organism
 CVE-2020-28280 (Prototype pollution vulnerability in 'predefine' versions 0.0.0 throug ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-10-10 20:28:56 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-10-10 20:28:56 +0200
commit	4fd290b1f878243c635b851db103e9a91415aa02 (patch)
tree	6d9b42ea0a82c9491fe46d7907230fe36fa82e48 /data/CVE/list.2020
parent	afdc6e7664a1d60a44815b998f6dfa306c20cecd (diff)