81 matches found
GHSA-5M9C-634G-47VQ steroids downloads resources over HTTP
Affected versions of steroids insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
steroids downloads resources over HTTP
Affected versions of steroids insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
Denial of Service
Overview All versions of url-relative are vulnerable to Denial of Service. If the values to and from are equal, the function hangs and never returns. This may cause a Denial of Service. Recommendation No fix is currently available. Consider using an alternative module until a fix is made availabl...
Prototype Pollution
Overview All versions of defaults-deep are vulnerable to prototype pollution. Provided certain input defaults-deep can add or modify properties of the Object prototype. These properties will be present on all objects. Recommendation As no patch is currently available for this vulnerability it is...
Remote Code Execution
Overview All versions of pivideorecording are vulnerable to Remote Code Execution. Due to insufficient input validation the server executes arbitrary code through the /api/record/start endpoint. After running the server, curl -POST -H "Content-Type: application/json" -d '"filename": " || touch...
Remote Code Execution
Overview All versions of office-converter are vulnerable to Remote Code Execution. Due to insufficient input validation an attacker could run arbitrary commands on the server thus rendering the package vulnerable to Remote Code Execution. Recommendation No fix is currently available. Consider usi...
Remote Code Execution
Overview All versions of pomelo-monitor are vulnerable to Remote Code Execution. Due to insufficient input validation an attacker could run arbitrary commands on the server thus rendering the package vulnerable to Remote Code Execution. Recommendation No fix is currently available. Consider using...
Sensitive Data Exposure
Overview All versions of rails-session-decoder are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of cipher text thus exposing encrypted information. Recommendation No fix is currently available. Consider using an alternative module...
Undefined Behavior
Overview All versions of sailsjs-cacheman have a vulnerability that may lead to Undefined Behavior. The config variable is exposing to the global scope which may overwrite other variables and cause the application to misbehave. Recommendation No fix is currently available. Consider using an...
GHSA-VWR2-WJ63-86GR Path Traversal in simplehttpserver
All versions of simplehttpserver are vulnerable to Path Traversal. This vulnerability allows an attacker to access files outside the webroot since it allows symlink navigation in the URL. Recommendation No fix is currently available. Do not use simplehttpserver in production or consider using an...
Path Traversal in simplehttpserver
All versions of simplehttpserver are vulnerable to Path Traversal. This vulnerability allows an attacker to access files outside the webroot since it allows symlink navigation in the URL. Recommendation No fix is currently available. Do not use simplehttpserver in production or consider using an...
Denial of Service
Overview All versions of ircdkit are vulnerable to remote denial of service. Recommendation As no current fix is available if you rely on ircdkit in production it might be best to consider another module. References - GitHub Issue - GitHub Advisory...
GHSA-M8CR-Q935-8J67 Path Traversal in buttle
All versions of buttle are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths when fetching files. Recommendation No fix is currently available. Consider using an alternative module until a fix is made available...
Path Traversal in buttle
All versions of buttle are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths when fetching files. Recommendation No fix is currently available. Consider using an alternative module until a fix is made available...
GHSA-38F5-GHC2-FCMV Code Injection in cryo
All versions of cryo are vulnerable to code injection due to an Insecure implementation of deserialization. Proof of concept js var Cryo = require'cryo'; var frozen = '"root":"CRYOREF3","references":"contents":,"value":"CRYOFUNCTIONfunction console.log\"defconrussia\"; return...
Code Injection in cryo
All versions of cryo are vulnerable to code injection due to an Insecure implementation of deserialization. Proof of concept js var Cryo = require'cryo'; var frozen = '"root":"CRYOREF3","references":"contents":,"value":"CRYOFUNCTIONfunction console.log\"defconrussia\"; return...
Cross-Site Scripting
Overview Versions of html-janitor prior to 2.0.2 all current versions are vulnerable to cross-site scripting XSS. This is exploitable if user-controlled data is passed into the modules clean function. Recommendation No fix is currently available for this vulnerability. It is recommended to use an...
Downloads Resources over HTTP
Overview Affected versions of steroids insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...
Directory Traversal
Overview Affected versions of bitty are vulnerable to directory traversal via the URL path in GET requests. Recommendation The bitty package is not currently maintained, and has not seen an update since 2015. At this time, the best available mitigation is to use an alternative module that is...
Spoofing attack due to unvalidated KDC
Overview Affected versions of node-krb5 do not validate the KDC prior to authenticating, which might allow an attacker with network access and enough time to spoof the KDC and impersonate a valid user without knowing their credentials. Recommendation It appears that this will remain unfixed...