[Secure-testing-commits] r26531 - data/CVE
Paul Wise
pabs at moszumanska.debian.org
Sun Apr 13 15:31:51 UTC 2014
Author: pabs
Date: 2014-04-13 15:31:50 +0000 (Sun, 13 Apr 2014)
New Revision: 26531
Modified:
data/CVE/list
Log:
Add two NodeJS module issues discovered by the Node Security Project
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-13 14:46:13 UTC (rev 26530)
+++ data/CVE/list 2014-04-13 15:31:50 UTC (rev 26531)
@@ -1,3 +1,6 @@
+CVE-2014-XXXX [node-marked: multiple content injection vulnerabilities]
+ - node-marked 0.3.1+dfsg-1
+ NOTE: https://nodesecurity.io/advisories/marked_multiple_content_injection_vulnerabilities
CVE-2014-2851 [net: ping: refcount issue in ping_init_sock() function]
- linux <unfixed>
- linux-2.6 <removed>
@@ -120,6 +123,9 @@
RESERVED
CVE-2014-2687
RESERVED
+CVE-2013-XXXX [node-connect: methodOverride middleware reflected cross-site scripting]
+ - node-connect <unfixed> (bug #744374)
+ NOTE: https://nodesecurity.io/advisories/methodOverride_Middleware_Reflected_Cross-Site_Scripting
CVE-2013-7354
- libpng <undetermined>
NOTE: http://sourceforge.net/p/libpng/bugs/199/
More information about the Secure-testing-commits
mailing list