[Git][security-tracker-team/security-tracker][master] Add CVE-2024-27088/node-es5-ext
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 26 20:22:43 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0a2dad21 by Salvatore Bonaccorso at 2024-02-26T21:21:14+01:00
Add CVE-2024-27088/node-es5-ext
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,11 @@
CVE-2024-27092 (Hoppscotch is an API development ecosystem. Due to lack of validation ...)
TODO: check
CVE-2024-27088 (es5-ext contains ECMAScript 5 extensions. Passing functions with very ...)
- TODO: check
+ - node-es5-ext <unfixed>
+ NOTE: https://github.com/medikoo/es5-ext/security/advisories/GHSA-4gmj-3p3h-gm8h
+ NOTE: https://github.com/medikoo/es5-ext/issues/201
+ NOTE: https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2 (v1.10.63)
+ NOTE: https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602 (v1.10.63)
CVE-2024-27087 (Kirby is a content management system. The new link field introduced in ...)
TODO: check
CVE-2024-27084
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2dad210000d96493e901bde11b5a8cb0a959fa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2dad210000d96493e901bde11b5a8cb0a959fa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240226/8825fe7c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list