Lucene search

133 matches found

Github Security Blog
added 2019/07/31 4:22 a.m., 32 views

Missing Encryption of Sensitive Data in yarn

Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network...

CVSS 8.1, AI score 0.9, EPSS 0.00668
Exploits 1, References 5, Affected Software 1
NVD
added 2019/07/30 9:15 p.m., 34 views

CVE-2019-5448

Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network...

CVSS 8.1, AI score 8.1, EPSS 0.00668
Exploits 1, References 3
OSV
added 2019/07/30 9:15 p.m., 2 views

DEBIAN-CVE-2019-5448

Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network...

CVSS 8.1, AI score 7.8, EPSS 0.00668
Exploits 1, References 1
OSV
added 2019/07/30 9:15 p.m., 19 views

CVE-2019-5448

Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network...

CVSS 8.1, AI score 8.1
Exploits 0, References 3
UbuntuCve
added 2019/07/30 9:15 p.m., 28 views

CVE-2019-5448

Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network...

CVSS 8.1, AI score 7.1, EPSS 0.00668
Exploits 1, References 5
CVE
added 2019/07/30 8:15 p.m., 81 views

CVE-2019-5448

CVE-2019-5448 affects Yarn; the vulnerability arises from HTTP URLs in a Yarn lockfile that can cause unencrypted authentication data to be transmitted. The connected advisories confirm Photon OS and Nessus plugins flag Yarn as affected and advise updating the Yarn package to mitigate. The exact ...

CVSS 8.1, AI score 7.8, EPSS 0.00668
Exploits 1, References 3, Affected Software 1
Debian CVE
added 2019/07/30 8:15 p.m., 22 views

CVE-2019-5448

Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network...

CVSS 8.1, AI score 7.8, EPSS 0.00668
Exploits 1
OSV
added 2019/06/07 3:13 p.m., 6 views

OPENSUSE-SU-2019:1527-1 Security update for rmt-server

This update for rmt-server to version 2.1.4 fixes the following issues: - Fix duplicate nginx location in rmt-server-pubcloud bsc1135222 - Mirror additional repos that were enabled during mirroring bsc1132690 - Make service IDs consistent across different RMT instances bsc1134428 - Make SMT data...

CVSS 9.8, AI score 9.1, EPSS 0.08671
Exploits 3, References 15
Tenable Nessus
added 2019/05/31 12:0 a.m., 28 views

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:1381-1)

This update for rmt-server to version 2.1.4 fixes the following issues : Fix duplicate nginx location in rmt-server-pubcloud bsc1135222 Mirror additional repos that were enabled during mirroring bsc1132690 Make service IDs consistent across different RMT instances bsc1134428 Make SMT data import...

CVSS 9.8, AI score 7.2, EPSS 0.08671
Exploits 3, References 17
Cvelist
added 2019/04/22 3:35 p.m., 24 views

CVE-2011-3151 SELinux initscript misuse of touch

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

CVSS 5.2, AI score 5.5, EPSS 0.00601
Exploits 0, References 1
ALT Linux
added 2019/04/13 12:0 a.m., 26 views

Security fix for the ALT Linux 9 package systemd version 1:242-alt1

April 13, 2019 Alexey Shabalin 1:242-alt1 - 242 Fixes: CVE-2019-3842 - move execute systemctl daemon-reexec from post-script to filetrigger - add requires systemd to libnss-systemd package ALT 36267 - move LOCKFILE to /run/lock in udev init script ALT 35888...

CVSS 4.4, AI score 7.2, EPSS 0.01217
Exploits 3
UbuntuCve
added 2016/12/22 10:59 p.m., 31 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

CVSS 9.8, AI score 7.4, EPSS 0.0841
Exploits 1, References 3
OpenVAS
added 2013/08/20 12:0 a.m., 26 views

Fedora Update for nodejs-lockfile FEDORA-2013-12908

Check for the Version of nodejs-lockfile OpenVAS Vulnerability Test Fedora Update for nodejs-lockfile FEDORA-2013-12908 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

CVSS 3.3, AI score 6.7, EPSS 0.00372
Exploits 0, References 2
OpenVAS
added 2013/08/20 12:0 a.m., 15 views

Fedora Update for nodejs-lockfile FEDORA-2013-12908

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 3.3, AI score 6.8, EPSS 0.00372
Exploits 0, References 2
OpenVAS
added 2013/08/01 12:0 a.m., 20 views

Fedora Update for nodejs-lockfile FEDORA-2013-11780

Check for the Version of nodejs-lockfile OpenVAS Vulnerability Test Fedora Update for nodejs-lockfile FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

CVSS 3.3, AI score 6.7, EPSS 0.00372
Exploits 0, References 2
OpenVAS
added 2013/08/01 12:0 a.m., 10 views

Fedora Update for nodejs-lockfile FEDORA-2013-11780

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 3.3, AI score 6.8, EPSS 0.00372
Exploits 0, References 2
Fedora
added 2013/07/23 1:4 a.m., 11 views

[SECURITY] Fedora 19 Update: nodejs-lockfile-0.4.0-1.fc19

A very polite lock file utility, which endeavors to not litter, and to wait patiently for others...

CVSS 3.3, AI score 3.5, EPSS 0.00372
Exploits 0
Fedora
added 2013/07/23 1:2 a.m., 17 views

[SECURITY] Fedora 18 Update: nodejs-lockfile-0.4.0-1.fc18

A very polite lock file utility, which endeavors to not litter, and to wait patiently for others...

CVSS 3.3, AI score 3.5, EPSS 0.00372
Exploits 0
OSV
added 2010/06/07 5:12 p.m., 2 views

DEBIAN-CVE-2010-2024

transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/...

CVSS 4.4, AI score 6.6, EPSS 0.0028
Exploits 0, References 1
ATTACKERKB
added 2010/06/07 5:12 p.m., 2 views

CVE-2010-2024

transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/...

CVSS 4.4, AI score 5.8, EPSS 0.0028
Exploits 0, References 19