120 matches found
[SECURITY] Fedora 44 Update: composer-2.10.1-1.fc44
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...
CVE-2026-43965
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::read_from_disc are passed without validation to paths.build_packages_package, whi...
CVE-2026-43965
Gleam path traversal vulnerability CVE-2026-43965 allows arbitrary directory deletion via malicious build/packages/packages.toml content. During deps download, package keys read from build/packages/packages.toml are passed to path construction without validation, enabling absolute or relative tra...
EEF-CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion
Summary: Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::read_from_disc are passed without validation to...
EUVD-2026-33926
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::read_from_disc are passed without validation to paths.build_packages_package, whi...
[SECURITY] Fedora 44 Update: composer-2.9.8-1.fc44
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...
[SECURITY] Fedora 44 Update: yarnpkg-1.22.22-18.fc44
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: composer-2.9.7-1.fc43
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...
CVE-2026-40261
Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase method, which appends the $sourceReference parameter to a shell command without proper escaping, and additionally in the...
Composer Security Vulnerability
Composer is an open-source application developed by Composer. It provides a tool for declaring, managing, and installing dependencies of PHP projects. Versions of Composer from 1.0 to 2.2.26, as well as from 2.3 to 2.9.5, have security vulnerabilities. These vulnerabilities stem from command...
[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-18.fc42
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: yarnpkg-1.22.22-18.fc43
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-17.fc42
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 44 Update: yarnpkg-1.22.22-17.fc44
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: uv-0.9.30-2.fc43
An extremely fast Python package and project manager, written in Rust. Highlights: • A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twine, virtualenv, and more. • 10-100x faster than pip. • Provides comprehensive project management, with a universal lockf...
[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-16.fc42
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: yarnpkg-1.22.22-16.fc43
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 42 Update: composer-2.9.3-1.fc42
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...