github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007/pkg/vulnsrc/node/testdata/happy/npm_nocvssseverity/nodejs-security-wg/vuln/npm_nocvssseverity.json

github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007/pkg/vulnsrc/node/testdata/happy/npm_nocvssseverity/nodejs-security-wg/vuln/npm_nocvssseverity.json (about)

     1  {
     2    "cve": [
     3      "CVE-2017-1000381"
     4    ],
     5    "module_name": "missingcvss-missingseverity-package",
     6    "ref": "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/",
     7    "vulnerable": "8.x || 7.x || 4.x || 6.x || 5.x",
     8    "patched": "^8.1.4 || ^7.10.1 || ^4.8.4 || ^6.11.1",
     9    "description": "memory overread when parsing invalid NAPTR responses",
    10    "overview": "The c-ares function ares_parse_naptr_reply(), which is used for parsing NAPTR\nresponses, could be triggered to read memory outside of the given input buffer\nif the passed in DNS response packet was crafted in a particular way.\n\n"
    11  }