[Git][security-tracker-team/security-tracker][master] Add CVE-2024-27088/node-es5-ext

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 26 20:22:43 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a2dad21 by Salvatore Bonaccorso at 2024-02-26T21:21:14+01:00
Add CVE-2024-27088/node-es5-ext

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,11 @@
 CVE-2024-27092 (Hoppscotch is an API development ecosystem.  Due to lack of validation ...)
 	TODO: check
 CVE-2024-27088 (es5-ext contains ECMAScript 5 extensions. Passing functions with very  ...)
-	TODO: check
+	- node-es5-ext <unfixed>
+	NOTE: https://github.com/medikoo/es5-ext/security/advisories/GHSA-4gmj-3p3h-gm8h
+	NOTE: https://github.com/medikoo/es5-ext/issues/201
+	NOTE: https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2 (v1.10.63)
+	NOTE: https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602 (v1.10.63)
 CVE-2024-27087 (Kirby is a content management system. The new link field introduced in ...)
 	TODO: check
 CVE-2024-27084



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2dad210000d96493e901bde11b5a8cb0a959fa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2dad210000d96493e901bde11b5a8cb0a959fa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240226/8825fe7c/attachment.htm>


More information about the debian-security-tracker-commits mailing list