19 matches found
OESA-2022-2084 nodejs-fstream security update
Provides advanced file system stream objects for Node.js. These objects are like FS streams, but with stat on them, and support directories and symbolic links, as well as normal files. Also, you can use them to set the stats on a file, even if you don't change its contents, or to create a symlink...
OESA-2022-1584 nodejs-fstream security update
Provides advanced file system stream objects for Node.js. These objects are like FS streams, but with stat on them, and support directories and symbolic links, as well as normal files. Also, you can use them to set the stats on a file, even if you don't change its contents, or to create a symlink...
SUSE: Security Advisory (SUSE-SU-2019:2181-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2055-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0059-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2081-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
openSUSE: Security Advisory for nodejs10 (openSUSE-SU-2019:1846-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:2181-1)
This update for nodejs6 fixes the following issues : CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
openSUSE Security Update : nodejs8 (openSUSE-2019-1907)
This update for nodejs8 fixes the following issues : Security issue fixed : - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed : - Backported fixes for OpenSSL 1.1.1 from nodejs8 bsc1134209. This update was imported from the...
openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2019:1907-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : nodejs10 (openSUSE-2019-1846)
This update for nodejs10 to version 10.16.0 fixes the following issues : Security issue fixed : - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed : - Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...
SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2019:2081-1)
This update for nodejs10 to version 10.16.0 fixes the following issues : Security issue fixed : CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...
SUSE-SU-2019:2081-1 Security update for nodejs10
This update for nodejs10 to version 10.16.0 fixes the following issues: Security issue fixed: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: - Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...
SUSE-SU-2019:2078-1 Security update for nodejs4
This update for nodejs4 fixes the following issues: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-13173
CVE-2019-13173 affects the Node.js fstream module (pre-1.0.12). The vulnerability is in fstream.DirWriter and allows overwriting system files when extracting tarballs containing a hardlink to an existing file, overwriting the target with the extracted content. Impact is arbitrary file overwrite o...
1password-manager (>=0.1.0 <=0.1.2), 4front-cli (>=0.0.1 <=0.0.20) +4790 more potentially affected by CVE-2019-13173 via fstream (>=0.1.11 <=1.0.11)
fstream NPM version =0.1.11, =0.1.0, =0.0.1, =0.2.0, =0.5.0, =0.0.1, =0.1.0, =0.0.2, =0.0.2, =0.5.12, =1.1.0, =0.1.2, =0.0.1, =1.0.0, =1.0.9 and more Source cves: CVE-2019-13173 Source advisory: OSV:GHSA-XF7W-R453-M56C...