https://bugzilla.redhat.com/show_bug.cgi?id=2193463
Bug ID: 2193463 Summary: CVE-2023-0842 mozjs78: node-xml2js: xml2js is vulnerable to prototype pollution [fedora-all] Product: Fedora Version: 38 Status: NEW Component: mozjs78 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: fzatlouk@redhat.com Reporter: pdelbell@redhat.com QA Contact: extras-qa@fedoraproject.org CC: epel-packagers-sig@lists.fedoraproject.org, fzatlouk@redhat.com, klember@redhat.com Target Milestone: --- Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2193459
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.