[Secure-testing-commits] r32979 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Mar 19 05:57:11 UTC 2015
Author: carnil
Date: 2015-03-19 05:57:11 +0000 (Thu, 19 Mar 2015)
New Revision: 32979
Modified:
data/CVE/list
Log:
Add CVE-2014-6393/node-express
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-18 22:29:27 UTC (rev 32978)
+++ data/CVE/list 2015-03-19 05:57:11 UTC (rev 32979)
@@ -14923,8 +14923,9 @@
CVE-2014-6394 (visionmedia send before 0.8.4 for Node.js uses a partial comparison ...)
- node-send 0.9.4-1
NOTE: https://nodesecurity.io/advisories/send-directory-traversal
-CVE-2014-6393
+CVE-2014-6393 [cross-site scripting via content-type header]
RESERVED
+ - node-express <unfixed>
CVE-2014-6392 (** DISPUTED ** Cross-site scripting (XSS) vulnerability in the ...)
NOT-FOR-US: Facebook app and Facebook Messenger app for iOS
CVE-2014-6391
More information about the Secure-testing-commits
mailing list