diff options
author | Neil Williams <codehelp@debian.org> | 2022-01-25 14:29:39 +0000 |
---|---|---|
committer | Neil Williams <codehelp@debian.org> | 2022-01-25 14:29:39 +0000 |
commit | bc890380e8330af2857809b5845f79d6cd1d58a9 (patch) | |
tree | 960e95cec6c3f1aac8bcb40297e74455d829def5 | |
parent | d55236f9ff26455dfc395b49b331c492c6187a77 (diff) |
Add CVE-2021-23567 colors.js <not-affected>
-rw-r--r-- | data/CVE/2021.list | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 4478d733e3..2a73934e81 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -56312,7 +56312,9 @@ CVE-2021-23569 CVE-2021-23568 (The package extend2 before 1.0.1 are vulnerable to Prototype Pollution ...) NOT-FOR-US: extend2 (fork of node-extend which is not affected) CVE-2021-23567 (The package colors after 1.4.0 are vulnerable to Denial of Service (Do ...) - TODO: check + - colors.js <not-affected> (Vulnerable code never in a released Debian version) + NOTE: https://github.com/Marak/colors.js/issues/285 + NOTE: https://github.com/Marak/colors.js/commit/074a0f8ed0c31c35d13d28632bd8a049ff136fb6 CVE-2021-23566 (The package nanoid before 3.1.31 are vulnerable to Information Exposur ...) NOT-FOR-US: Node nanoid (NaN0-1D) CVE-2021-23565 |