[Git][security-tracker-team/security-tracker][master] new node-url-parse issue

Moritz Muehlenhoff (@jmm) Tue, 27 Jul 2021 04:32:43 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a1d844a9 by Moritz Muehlenhoff at 2021-07-27T13:32:03+02:00
new node-url-parse issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -340,7 +340,10 @@ CVE-2021-37411
 CVE-2021-3665
        RESERVED
 CVE-2021-3664 (url-parse is vulnerable to URL Redirection to Untrusted Site 
...)
-       TODO: check
+       - node-url-parse <unfixed>
+       [buster] - node-url-parse <no-dsa> (Minor issue)
+       NOTE: https://huntr.dev/bounties/1625557993985-unshiftio/url-parse/
+       NOTE: 
https://github.com/unshiftio/url-parse/commit/81ab967889b08112d3356e451bf03e6aa0cbb7e0
 CVE-2021-26250
        RESERVED
 CVE-2021-23208



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1d844a9f3ad01ecdc16593b52979fa4a2101e34

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1d844a9f3ad01ecdc16593b52979fa4a2101e34
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new node-url-parse issue

Reply via email to