Linux Distros Unpatched Vulnerability : CVE-2017-18869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2020:2625)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2625 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

421752593pro (=5.6.0), @csltech/strong-nginx-controller (>=1.0.2 <=1.0.3) +132 more potentially affected by CVE-2017-18869 via chownr (>=0.0.1 <=1.0.1)

chownr NPM version =0.0.1, =1.0.2, =7.0.0, =0.7.2, =1.0.0, =0.0.1, =1.16.0, =1.0.1, =1.0.1, =2.8.29, =1.0.1, =5.0.232, =2.0.0, =0.0.1, =1.0.1, =1.0.3 and more Source cves: CVE-2017-18869 Source advisory: OSV:GHSA-C6RQ-RJC2-86V2...

Mageia: Security Advisory (MGASA-2021-0169)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated nodejs-chownr packages fix security vulnerability

Updated nodejs-chownr package fixes security vulnerability: A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks CVE-2017-18869...

Moderate: Red Hat Security Advisory: rh-nodejs8-nodejs security update

An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...

CVE-2017-18869

CVE-2017-18869 : A TOCTOU vulnerability in the chownr package (Node.js 10.10) could allow a local attacker to trick the code into descending into unintended directories via symlink attacks. Root cause: TOCTOU in chownr.js. Impact: local privilege-limited access through directory traversal. Remedi...

CVE-2017-18869

A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...