[Pkg-javascript-devel] Bug#989258: CVE-2021-33502
Moritz Muehlenhoff
jmm at debian.org
Sun May 30 17:03:17 BST 2021
Package: node-got
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
node-got bundles a copy of normalize-url, which is affected by CVE-2021-33502:
https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1
Patch:
https://github.com/sindresorhus/normalize-url/commit/b1fdb5120b6d27a88400d8800e67ff5a22bd2103
Cheers,
Moritz
More information about the Pkg-javascript-devel
mailing list