Lucene search
K

19 matches found

OSV
OSV
added 2022/11/11 11:4 a.m.3 views

OESA-2022-2084 nodejs-fstream security update

Provides advanced file system stream objects for Node.js. These objects are like FS streams, but with stat on them, and support directories and symbolic links, as well as normal files. Also, you can use them to set the stats on a file, even if you don't change its contents, or to create a symlink...

7.5CVSS8.9AI score0.02416EPSS
Exploits0References2
OSV
OSV
added 2022/03/19 11:3 a.m.4 views

OESA-2022-1584 nodejs-fstream security update

Provides advanced file system stream objects for Node.js. These objects are like FS streams, but with stat on them, and support directories and symbolic links, as well as normal files. Also, you can use them to set the stats on a file, even if you don't change its contents, or to create a symlink...

7.5CVSS8.9AI score0.02416EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2019:2181-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02416EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.8 views

SUSE: Security Advisory (SUSE-SU-2019:2055-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02416EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.32 views

SUSE: Security Advisory (SUSE-SU-2020:0059-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.87806EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2019:2081-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02416EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2020/04/06 10:58 a.m.17 views

CVE-2019-13173

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...

7.5CVSS1.6AI score0.02416EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.18 views

openSUSE: Security Advisory for nodejs10 (openSUSE-SU-2019:1846-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.02416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.25 views

SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:2181-1)

This update for nodejs6 fixes the following issues : CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

7.5CVSS7.9AI score0.02416EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.23 views

openSUSE Security Update : nodejs8 (openSUSE-2019-1907)

This update for nodejs8 fixes the following issues : Security issue fixed : - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed : - Backported fixes for OpenSSL 1.1.1 from nodejs8 bsc1134209. This update was imported from the...

7.5CVSS7.9AI score0.02416EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/08/16 12:0 a.m.18 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2019:1907-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.02416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/13 12:0 a.m.25 views

openSUSE Security Update : nodejs10 (openSUSE-2019-1846)

This update for nodejs10 to version 10.16.0 fixes the following issues : Security issue fixed : - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed : - Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...

7.5CVSS7.9AI score0.02416EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.22 views

SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2019:2081-1)

This update for nodejs10 to version 10.16.0 fixes the following issues : Security issue fixed : CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...

7.5CVSS7.9AI score0.02416EPSS
Exploits0References5
OSV
OSV
added 2019/08/07 11:34 a.m.4 views

SUSE-SU-2019:2081-1 Security update for nodejs10

This update for nodejs10 to version 10.16.0 fixes the following issues: Security issue fixed: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: - Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...

7.5CVSS7.7AI score0.02416EPSS
Exploits0References4
OSV
OSV
added 2019/08/07 9:38 a.m.4 views

SUSE-SU-2019:2078-1 Security update for nodejs4

This update for nodejs4 fixes the following issues: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290...

7.5CVSS7.5AI score0.02416EPSS
Exploits0References3
OSV
OSV
added 2019/07/02 8:15 p.m.20 views

CVE-2019-13173

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...

7.5CVSS6.4AI score0.02416EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2019/07/02 8:15 p.m.6 views

CVE-2019-13173

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...

7.5CVSS5.5AI score0.02416EPSS
Exploits0References7
CVE
CVE
added 2019/07/02 7:26 p.m.460 views

CVE-2019-13173

CVE-2019-13173 affects the Node.js fstream module (pre-1.0.12). The vulnerability is in fstream.DirWriter and allows overwriting system files when extracting tarballs containing a hardlink to an existing file, overwriting the target with the extracted content. Impact is arbitrary file overwrite o...

7.5CVSS7.2AI score0.02416EPSS
Exploits0References5Affected Software1
vulnersOsv
vulnersOsv
added 2019/05/30 5:19 p.m.6 views

1password-manager (>=0.1.0 <=0.1.2), 4front-cli (>=0.0.1 <=0.0.20) +4790 more potentially affected by CVE-2019-13173 via fstream (>=0.1.11 <=1.0.11)

fstream NPM version =0.1.11, =0.1.0, =0.0.1, =0.2.0, =0.5.0, =0.0.1, =0.1.0, =0.0.2, =0.0.2, =0.5.12, =1.1.0, =0.1.2, =0.0.1, =1.0.0, =1.0.9 and more Source cves: CVE-2019-13173 Source advisory: OSV:GHSA-XF7W-R453-M56C...

7.5CVSS7.1AI score0.02416EPSS
Exploits0
Rows per page
Query Builder