From 1696ef5618d7546facc48e13c2800d4e7133ec79 Mon Sep 17 00:00:00 2001 From: bigopon <9994529+bigopon@users.noreply.github.com> Date: Sat, 2 Apr 2022 23:53:44 +1100 Subject: [PATCH] Improve GHSA-m6j2-v3gq-45r5 --- .../GHSA-m6j2-v3gq-45r5/GHSA-m6j2-v3gq-45r5.json | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/advisories/github-reviewed/2022/02/GHSA-m6j2-v3gq-45r5/GHSA-m6j2-v3gq-45r5.json b/advisories/github-reviewed/2022/02/GHSA-m6j2-v3gq-45r5/GHSA-m6j2-v3gq-45r5.json index 7198039e578d0..579a56c7db0e7 100644 --- a/advisories/github-reviewed/2022/02/GHSA-m6j2-v3gq-45r5/GHSA-m6j2-v3gq-45r5.json +++ b/advisories/github-reviewed/2022/02/GHSA-m6j2-v3gq-45r5/GHSA-m6j2-v3gq-45r5.json @@ -1,7 +1,7 @@ { "schema_version": "1.2.0", "id": "GHSA-m6j2-v3gq-45r5", - "modified": "2021-05-17T20:26:22Z", + "modified": "2022-04-02T12:53:44Z", "published": "2022-02-10T23:42:39Z", "aliases": [ "CVE-2019-10062" @@ -23,6 +23,9 @@ "events": [ { "introduced": "0" + }, + { + "fixed": "1.4.1" } ] } @@ -43,15 +46,19 @@ }, { "type": "WEB", - "url": "https://discourse.aurelia.io/t/xss-vulnerability-in-htmlsanitizer-might-be-insufficiently-handled/4219" + "url": "https://github.com/aurelia/templating-resources/blob/0cef07a8cac8e99146d8e1c4b734491bb3dc4724/src/html-sanitizer.js" }, { "type": "WEB", - "url": "https://github.com/aurelia/templating-resources/blob/0cef07a8cac8e99146d8e1c4b734491bb3dc4724/src/html-sanitizer.js" + "url": "https://www.gosecure.net/blog/2021/05/12/aurelia-framework-insecure-default-allows-xss/" }, { "type": "WEB", - "url": "https://www.gosecure.net/blog/2021/05/12/aurelia-framework-insecure-default-allows-xss/" + "url": "https://discourse.aurelia.io/t/xss-vulnerability-in-htmlsanitizer-might-be-insufficiently-handled/4219" + }, + { + "type": "PACKAGE", + "url": "https://github.com/aurelia/framework" } ], "database_specific": {