7 matches found
Security Bulletin: Carbon design system packages
Summary Various packages are vulnerable to multiples CVEs and can be resolved by updating to [email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected], @carbon/[email protected]....
Linux Distros Unpatched Vulnerability : CVE-2024-47068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts...
1k-tasks (>=3.1.0 <=3.6.1), @adobe/helix-deploy (>=9.0.19 <=9.3.7) +371 more potentially affected by CVE-2024-47068 via rollup (>=3.0.0 <=3.29.4)
rollup NPM version =3.0.0, =3.1.0, =9.0.19, =6.0.3, =0.6.0, =12.0.0, =0.1.0, =0.0.7, =3.0.1-canary.8, =2.3.1, =4.63.0, =1.0.0, =1.0.10 and more Source cves: CVE-2024-47068 Source advisory: OSV:GHSA-GCX4-MW62-G8WM...
0.2-ui (=0.0.1), 0xgank-tea-advice-pull (=1.0.0) +15769 more potentially affected by CVE-2024-47068 via rollup (>=0.10.0 <=2.79.1)
rollup NPM version =0.10.0, =2.79.1 is affected by a known vulnerability. The following packages have a transitive dependency on rollup and may be impacted: - 0.2-ui =0.0.1 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory...
CVE-2024-47068 vulnerabilities
Vulnerabilities for packages: vite...
CVE-2024-47068 vulnerabilities
Vulnerabilities for packages: vite, vitess...
CVE-2024-47068
creationtimestamp| type| source ---|---|--- 2024-09-21 08:49:11+00:00| published-proof-of-concept| https://github.com/rollup/rollup/security/advisories/GHSA-gcx4-mw62-g8wm 2024-09-23 18:49:38+00:00| seen| https://t.me/cvedetector/6192...