Hacker News new | comments | show | ask | jobs | submit login

Did anyone fill a CVE already?



The CVE DB is usually pretty backlogged. This[1] is the defacto NPM "CVE DB" and describes the two modules[2][3] affected by this incident that ESLint and NPM acknowledge.

[1] https://nodesecurity.io/advisories

[2] https://nodesecurity.io/advisories/673

[3] https://nodesecurity.io/advisories/674




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: