Fix NSWG-ECO-330 affected range and add CVE info

Fixes: nodejs#176 Refs: jquery/jquery#3133 (comment) Refs: https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-10707
ChALkeR · Mar 23, 2018 · 1aaf009 · 1aaf009
1 parent 2ae239a
commit 1aaf009
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/vuln/npm/330.json b/vuln/npm/330.json
@@ -6,8 +6,8 @@
   "author": "Michał Gołębiowski",
   "module_name": "jquery",
   "publish_date": "2017-04-14T22:04:14.245+00:00",
-  "cves": [],
-  "vulnerable_versions": ">=2.10 <=2.2.4",
+  "cves": ["CVE-2016-10707"],
+  "vulnerable_versions": "=3.0.0-rc.1",
   "patched_versions": ">=3.0.0",
   "slug": "jquery_exceeding-stack-call-limit-dos",
   "overview": "jQuery is a DOM manipulation javascript library.\n\nIn v2.2.4 and previous, a lowercasing logic was used on the attribute names and was removed in v3.0.0. Because of this, boolean attributes whose names were not all lowercase cause infinite recursion, and will exceed the stack call limit.",
@@ -16,4 +16,4 @@
   "cvss_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
   "cvss_score": 5.3,
   "coordinating_vendor": "^Lift Security"
-}
+}