oss-sec mailing list archives
CVE request: various NodeJS module vulnerabilities
From: Paul Wise <pabs3 () bonedaddy net>
Date: Wed, 24 Sep 2014 12:20:32 +0800
Hi all, This is a request for CVEs for the following vulnerabilities discovered by the Node Security Project. I left out their advisories where I could find an assigned CVE. https://nodesecurity.io/advisories qs Denial-of-Service Memory Exhaustion https://nodesecurity.io/advisories/qs_dos_memory_exhaustion qs Denial-of-Service Extended Event Loop Blocking https://nodesecurity.io/advisories/qs_dos_extended_event_loop_blocking syntax-error potential for script injection https://nodesecurity.io/advisories/syntax-error-potential-script-injection send Directory Traversal https://nodesecurity.io/advisories/send-directory-traversal Crumb CORS Token Disclosure https://nodesecurity.io/advisories/crumb_cors_token_disclosure -- bye, pabs http://bonedaddy.net/pabs3/
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CVE request: various NodeJS module vulnerabilities Paul Wise (Sep 23)
- Re: CVE request: various NodeJS module vulnerabilities cve-assign (Sep 29)
- <Possible follow-ups>
- CVE request: various NodeJS module vulnerabilities Paul Wise (Sep 28)