[Git][security-tracker-team/security-tracker][master] node-sanitize-html now in the archive

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Feb 16 09:25:58 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c0338314 by Moritz Muehlenhoff at 2022-02-16T10:25:13+01:00
node-sanitize-html now in the archive

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63775,9 +63775,9 @@ CVE-2021-26542
 CVE-2021-26541 (The gitlog function in src/index.ts in gitlog before 4.0.4 has a comma ...)
 	NOT-FOR-US: Node gitlog
 CVE-2021-26540 (Apostrophe Technologies sanitize-html before 2.3.2 does not properly v ...)
-	NOT-FOR-US: sanitize-html
+	- node-sanitize-html <not-affected> (Fixed before initial upload)
 CVE-2021-26539 (Apostrophe Technologies sanitize-html before 2.3.1 does not properly h ...)
-	NOT-FOR-US: sanitize-html
+	- node-sanitize-html <not-affected> (Fixed before initial upload)
 CVE-2021-3379
 	RESERVED
 CVE-2021-3378 (FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a  ...)
@@ -277047,9 +277047,9 @@ CVE-2017-16019 (GitBook is a command line tool (and Node.js library) for buildin
 CVE-2017-16018 (Restify is a framework for building REST APIs. Restify >=2.0.0 < ...)
 	NOT-FOR-US: Restify
 CVE-2017-16017 (sanitize-html is a library for scrubbing html input for malicious valu ...)
-	NOT-FOR-US: sanitize-html
+	- node-sanitize-html <not-affected> (Fixed before initial upload)
 CVE-2017-16016 (Sanitize-html is a library for scrubbing html input of malicious value ...)
-	NOT-FOR-US: sanitize-html
+	- node-sanitize-html <not-affected> (Fixed before initial upload)
 CVE-2017-16015 (Forms is a library for easily creating HTML forms. Versions before 1.3 ...)
 	NOT-FOR-US: Forms
 CVE-2017-16014 (Http-proxy is a proxying library. Because of the way errors are handle ...)
@@ -328533,7 +328533,7 @@ CVE-2016-1000239
 CVE-2016-1000238
 	RESERVED
 CVE-2016-1000237 (sanitize-html before 1.4.3 has XSS. ...)
-	NOT-FOR-US: sanitize-html
+	- node-sanitize-html <not-affected> (Fixed before initial upload)
 CVE-2016-1000236 (Node-cookie-signature before 1.0.6 is affected by a timing attack due  ...)
 	- node-cookie-signature 1.1.0-1 (unimportant; bug #838618)
 	NOTE: https://nodesecurity.io/advisories/134



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c033831430eade0e3fc811725a89dfc238e72e4d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c033831430eade0e3fc811725a89dfc238e72e4d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220216/04e8d97c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list