data/CVE/list

@@ -32314,7 +32314,7 @@ CVE-2019-15607 (A stored XSS vulnerability is present within node-red (version:
 CVE-2019-15606 (Including trailing white space in HTTP header values in Nodejs 10, 12, ...)
 	- nodejs <unfixed>
 	NOTE: https://hackerone.com/reports/730779
-	NOTE: https://github.com/nodejs/node/commit/25b6897e8a1072bd38b7d12d3ec6920bfe1c8de3
+	NOTE: https://github.com/nodejs/node/commit/2eee90e959ca4abaf53caf238d063c396f2ea17c (10.x)
 CVE-2019-15605 (HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...)
 	- nodejs <unfixed>
 	- http-parser <unfixed>
@@ -32323,7 +32323,7 @@ CVE-2019-15605 (HTTP request smuggling in Node.js 10, 12, and 13 causes maliciou
 CVE-2019-15604 (Improper Certificate Validation in Node.js 10, 12, and 13 causes the p ...)
 	- nodejs <unfixed>
 	NOTE: https://hackerone.com/reports/746733
-	NOTE: https://github.com/nodejs/node/commit/1156a9e5f849f32a3664587f9cf37cd876fe0dd1
+	NOTE: https://github.com/nodejs/node/commit/f940bee3b7da865e28093472dee9ce664f273f6d (10.x)
 CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scriptin ...)
 	NOT-FOR-US: seefl
 CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and escapin ...)

data/embedded-code-copies

@@ -3472,3 +3472,6 @@ libstb
 	- sumo <unfixed> (embed; bug #950251)
 	- yquake2 <unfixed> (embed; bug #950252)
 	- dart <unfixed> (modified-embed)
+
+http-parser
+	- nodejs <unfixed> (embed)