Back to bug 1328413
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-04-19 10:51:29 UTC | Depends On | 1328414 | |
| Andrej Nemec | 2016-04-19 10:51:38 UTC | Depends On | 1328415 | |
| Andrej Nemec | 2016-04-19 10:51:47 UTC | Depends On | 1328416 | |
| Andrej Nemec | 2016-04-19 10:57:12 UTC | Blocks | 1328418 | |
| Tomas Hoger | 2016-04-26 13:11:06 UTC | Whiteboard | impact=important,public=20160418,reported=20160418,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-201,rhscl-2/nodejs010-npm=affected,fedora-all/npm=affected,epel-6/npm=affected,epel-7/npm=affected | impact=important,public=20160418,reported=20160418,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-201,rhscl-2/nodejs010-npm=affected,rhscl-2/rh-nodejs4-npm=notaffected,fedora-all/npm=affected,epel-6/npm=affected,epel-7/npm=affected |
| Tomas Hoger | 2016-04-27 09:30:56 UTC | Priority | high | medium |
| Summary | npm: bearer token leak | npm: bearer token leak to non-registry hosts | ||
| Whiteboard | impact=important,public=20160418,reported=20160418,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-201,rhscl-2/nodejs010-npm=affected,rhscl-2/rh-nodejs4-npm=notaffected,fedora-all/npm=affected,epel-6/npm=affected,epel-7/npm=affected | impact=moderate,public=20160418,reported=20160418,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-201,rhscl-2/nodejs010-npm=affected,rhscl-2/rh-nodejs4-npm=notaffected,fedora-all/npm=affected,epel-6/npm=affected,epel-7/npm=affected | ||
| Severity | high | medium | ||
| Tomas Hoger | 2016-04-27 09:33:26 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Whiteboard | impact=moderate,public=20160418,reported=20160418,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-201,rhscl-2/nodejs010-npm=affected,rhscl-2/rh-nodejs4-npm=notaffected,fedora-all/npm=affected,epel-6/npm=affected,epel-7/npm=affected | impact=moderate,public=20160331,reported=20160418,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-201,rhscl-2/nodejs010-npm=wontfix,rhscl-2/rh-nodejs4-npm=notaffected,fedora-all/npm=affected,epel-6/npm=affected,epel-7/npm=affected | ||
| Last Closed | 2016-04-27 05:33:26 UTC | |||
| Andrej Nemec | 2016-07-04 07:45:56 UTC | Alias | CVE-2016-3956 | |
| Andrej Nemec | 2016-07-04 07:46:03 UTC | Summary | npm: bearer token leak to non-registry hosts | CVE-2016-3956 npm: bearer token leak to non-registry hosts |
| Product Security DevOps Team | 2019-09-29 13:47:33 UTC | Whiteboard | impact=moderate,public=20160331,reported=20160418,source=internet,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-201,rhscl-2/nodejs010-npm=wontfix,rhscl-2/rh-nodejs4-npm=notaffected,fedora-all/npm=affected,epel-6/npm=affected,epel-7/npm=affected | |
| Jamie Nguyen | 2020-11-05 10:32:58 UTC | CC | jamielinux |
Back to bug 1328413