[Git][security-tracker-team/security-tracker][master] new node-ansi-regex issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Sep 17 09:29:57 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5595ad72 by Moritz Muehlenhoff at 2021-09-17T10:29:36+02:00
new node-ansi-regex issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,7 +31,11 @@ CVE-2021-3809
CVE-2021-3808
RESERVED
CVE-2021-3807 (ansi-regex is vulnerable to Inefficient Regular Expression Complexity ...)
- TODO: check
+ - node-ansi-regex <unfixed>
+ [bullseye] - node-ansi-regex <no-dsa> (Minor issue)
+ [buster] - node-ansi-regex <no-dsa> (Minor issue)
+ NOTE: https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
+ NOTE: https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
CVE-2021-3806
RESERVED
CVE-2021-3805 (object-path is vulnerable to Improperly Controlled Modification of Obj ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5595ad72bef6025b6e3ecd732b372ce27d7212d0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5595ad72bef6025b6e3ecd732b372ce27d7212d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210917/3bced865/attachment.htm>
More information about the debian-security-tracker-commits
mailing list