[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16491/node-extend

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7a6ac147 by Salvatore Bonaccorso at 2019-02-05T06:12:27Z
Add CVE-2018-16491/node-extend

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26618,7 +26618,9 @@ CVE-2018-16492 (A prototype pollution vulnerability was 
found in module extend &
        NOTE: https://github.com/justmoon/node-extend/pull/48
        NOTE: nodejs not covered by security support
 CVE-2018-16491 (A prototype pollution vulnerability was found in node.extend 
<1.1.7, ...)
-       TODO: check
+       - node-extend 3.0.2-1 (unimportant)
+       NOTE: https://hackerone.com/reports/430831
+       NOTE: nodejs not covered by security support
 CVE-2018-16490 (A prototype pollution vulnerability was found in module mpath 
<0.5.1 ...)
        TODO: check
 CVE-2018-16489 (A prototype pollution vulnerability was found in just-extend 
<4.0.0 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a6ac1479b859f4fc83a3d3c9ed3e336f14c3d5d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a6ac1479b859f4fc83a3d3c9ed3e336f14c3d5d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits