-
Notifications
You must be signed in to change notification settings - Fork 913
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2019-6283 (Medium) detected in node-sass-8.0.0.tgz #1087
Labels
cve
Security vulnerabilities detected by Dependabot or Mend
medium severity
Medium severity CVE
Mend: dependency security vulnerability
Security vulnerability detected by Mend
v2.0.0
Comments
mend-for-github-com
bot
added
the
Mend: dependency security vulnerability
Security vulnerability detected by Mend
label
Jan 4, 2022
Fixed in #1028 |
mend-for-github-com
bot
changed the title
CVE-2019-6283 (Medium) detected in node-sass-4.13.1.tgz
CVE-2019-6283 (Medium) detected in node-sass-4.13.1.tgz - autoclosed
Jan 5, 2022
✔️ This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory. |
tmarkley
added
cve
Security vulnerabilities detected by Dependabot or Mend
v2.0.0
labels
Jan 6, 2022
AMoo-Miki
pushed a commit
to AMoo-Miki/OpenSearch-Dashboards
that referenced
this issue
Feb 10, 2022
…ject#1087) Extends the domain so that it starts and ends on nice round values.
AMoo-Miki
pushed a commit
to AMoo-Miki/OpenSearch-Dashboards
that referenced
this issue
Feb 10, 2022
# [28.1.0](elastic/elastic-charts@v28.0.1...v28.1.0) (2021-04-13) ### Bug Fixes * **legend:** sizing for short labels with scrollbar ([opensearch-project#1115](elastic/elastic-charts#1115)) ([ebf2552](elastic/elastic-charts@ebf2552)) * **xy:** negative bar highlight and click ([opensearch-project#1109](elastic/elastic-charts#1109)) ([065673c](elastic/elastic-charts@065673c)), closes [opensearch-project#1100](elastic/elastic-charts#1100) ### Features * **a11y:** improve chart figure ([opensearch-project#1104](elastic/elastic-charts#1104)) ([373ea72](elastic/elastic-charts@373ea72)) * **partition:** order slices and sectors ([opensearch-project#1112](elastic/elastic-charts#1112)) ([72c0d1b](elastic/elastic-charts@72c0d1b)) * **partitions:** small multipies events pass on smAccessorValue ([opensearch-project#1106](elastic/elastic-charts#1106)) ([0e1f7de](elastic/elastic-charts@0e1f7de)) * **xy:** optionally rounds the domain to nice values ([opensearch-project#1087](elastic/elastic-charts#1087)) ([9c2eefc](elastic/elastic-charts@9c2eefc)) * **xy:** specify pixel and ratio width for bars ([opensearch-project#1114](elastic/elastic-charts#1114)) ([6294d5f](elastic/elastic-charts@6294d5f)) * mosaic ([opensearch-project#1113](elastic/elastic-charts#1113)) ([15c0d78](elastic/elastic-charts@15c0d78))
AMoo-Miki
pushed a commit
to AMoo-Miki/OpenSearch-Dashboards
that referenced
this issue
Feb 10, 2022
…-project#1119) The opensearch-project#1087 PR introduced a regression where the useDefaultGroupDomain was not considered when computing the scale configs.
AMoo-Miki
pushed a commit
to AMoo-Miki/OpenSearch-Dashboards
that referenced
this issue
Feb 10, 2022
# [28.2.0](elastic/elastic-charts@v28.1.0...v28.2.0) (2021-04-15) ### Bug Fixes * **xy:** consider `useDefaultGroupDomain` on scale config ([opensearch-project#1119](elastic/elastic-charts#1119)) ([269ff1a](elastic/elastic-charts@269ff1a)), closes [opensearch-project#1087](elastic/elastic-charts#1087) ### Features * **a11y:** allow user to pass custom description for screen readers ([opensearch-project#1111](elastic/elastic-charts#1111)) ([a0020ba](elastic/elastic-charts@a0020ba)), closes [#1097](elastic/elastic-charts#1097) * **partition:** add debuggable state ([opensearch-project#1117](elastic/elastic-charts#1117)) ([08f8baf](elastic/elastic-charts@08f8baf)), closes [opensearch-project#917](elastic/elastic-charts#917)
mend-for-github-com
bot
changed the title
CVE-2019-6283 (Medium) detected in node-sass-4.13.1.tgz - autoclosed
CVE-2019-6283 (Medium) detected in node-sass-8.0.0.tgz
Jul 19, 2023
ℹ️ This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory. |
8 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
cve
Security vulnerabilities detected by Dependabot or Mend
medium severity
Medium severity CVE
Mend: dependency security vulnerability
Security vulnerability detected by Mend
v2.0.0
CVE-2019-6283 - Medium Severity Vulnerability
Vulnerable Library - node-sass-8.0.0.tgz
Wrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-8.0.0.tgz
Dependency Hierarchy:
Found in HEAD commit: 4fd064970b66ce555f48c22dfab6ed965d0e260a
Found in base branch: main
Vulnerability Details
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.
Publish Date: 2019-01-14
URL: CVE-2019-6283
CVSS 3 Score Details (6.5)
Base Score Metrics:
The text was updated successfully, but these errors were encountered: