[Git][security-tracker-team/security-tracker][master] new node-object-path issue

Wed Oct 21 15:01:59 BST 2020


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e816fb61 by Moritz Muehlenhoff at 2020-10-21T16:01:39+02:00
new node-object-path issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25996,7 +25996,8 @@ CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without che
 CVE-2020-15257
 	RESERVED
 CVE-2020-15256 (A prototype pollution vulnerability has been found in `object-path` &l ...)
-	TODO: check
+	- node-object-path <unfixed>
+	NOTE: https://github.com/mariocasciaro/object-path/security/advisories/GHSA-cwx2-736x-mf6w
 CVE-2020-15255 (In Anuko Time Tracker before verion 1.19.23.5325, due to not properly  ...)
 	NOT-FOR-US: Anuko Time Tracker
 CVE-2020-15254 (Crossbeam is a set of tools for concurrent programming. In crossbeam-c ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e816fb61c833f585b8cef18df4a21a7f69bf41e3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e816fb61c833f585b8cef18df4a21a7f69bf41e3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201021/def6af14/attachment.html>
