Bug#1004384: bullseye-pu: package node-cached-path-relative/1.0.2-1+deb11u1

To: Yadd <yadd@debian.org>, 1004384@bugs.debian.org
Subject: Bug#1004384: bullseye-pu: package node-cached-path-relative/1.0.2-1+deb11u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 19 Feb 2022 17:28:09 +0000
Message-id: <[🔎] e12ddf5d6ead96d44b59bec92adff3618ed96160.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1004384@bugs.debian.org
In-reply-to: <164320574349.279336.2575851961556945082.reportbug@debian007.xnr.fr>
References: <164320574349.279336.2575851961556945082.reportbug@debian007.xnr.fr> <164320574349.279336.2575851961556945082.reportbug@debian007.xnr.fr>

Control: tags -1 + confirmed

On Wed, 2022-01-26 at 15:02 +0100, Yadd wrote:
> node-cached-path-relative is vulnerable to prototype pollution
> (CVE-2021-23518)
> 

Please go ahead.

Regards,

Adam

Reply to:

Prev by Date: NEW changes in oldstable-new
Next by Date: Processed: Re: Bug#1004384: bullseye-pu: package node-cached-path-relative/1.0.2-1+deb11u1
Previous by thread: Bug#1004452: bullseye-pu: package gnupg2/2.2.27-2+deb11u1
Next by thread: Processed: Re: Bug#1004384: bullseye-pu: package node-cached-path-relative/1.0.2-1+deb11u1
Index(es):
- Date
- Thread