[Git][security-tracker-team/security-tracker][master] Update entry for CVE-2020-28282: Associate with node-getobject
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Oct 10 19:32:23 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
58c6c0cd by Salvatore Bonaccorso at 2021-10-10T20:28:56+02:00
Update entry for CVE-2020-28282: Associate with node-getobject
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64158,7 +64158,8 @@ CVE-2020-28284
CVE-2020-28283 (Prototype pollution vulnerability in 'libnested' versions 0.0.0 throug ...)
NOT-FOR-US: libnested
CVE-2020-28282 (Prototype pollution vulnerability in 'getobject' version 0.1.0 allows ...)
- NOT-FOR-US: Node getobject
+ - node-getobject 1.0.2-1
+ NOTE: https://github.com/cowboy/node-getobject/commit/84071748fa407caa8f824e0d0b9c1cde9ec56633 (v1.0.0)
CVE-2020-28281 (Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 ...)
NOT-FOR-US: react-atomic-organism
CVE-2020-28280 (Prototype pollution vulnerability in 'predefine' versions 0.0.0 throug ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58c6c0cd38964ac33bb8ca3214f9b11e8e4b55c4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58c6c0cd38964ac33bb8ca3214f9b11e8e4b55c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211010/1e940bc9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list