41 matches found
EUVD-2021-1724
Malware in sbrugna...
EUVD-2021-1513
Malware in sbrugna...
Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680629)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680629 advisory. @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee tha...
Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680628)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680628 advisory. @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee tha...
Linux Distros Unpatched Vulnerability : CVE-2021-39134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarante...
Linux Distros Unpatched Vulnerability : CVE-2021-39135
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarante...
SUSE CVE-2021-39135
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
SUSE CVE-2021-39134
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i
Summary Vulnerabilities detected in Node.js versions before v14.16.2 that affect the Cordova platform packaged with Rational Developer for i Software. Vulnerability Details CVEID: CVE-2021-3712 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an...
CVE-2021-39135
A flaw was found in nodejs-arborist. Arborist could write package dependencies to any arbitrary location on the file system if an attacker had replaced a project folder with a symbolic link in the nodemodules folder. The highest threat from this vulnerability is to data integrity and system...
CVE-2021-39134
A flaw was found in nodejs-arborist. On case-insensitive file systems such as macOS and Windows, Arborist’s internal data structure did not see multiple dependencies as separate items that could coexist within the same level in the nodemodules hierarchy when they differ only in the case of their...
Remote Code Execution (RCE)
@npmcli/arborist is vulnerable to remote code execution. The vulnerability exists due to a symlink dependency where an attacker is able to create arbitrary contents to be written to any location on the filesystem...
Remote Code Execution (RCE)
@npmcli/arboristis vulnerable to Remote Code Execution RCE. The vulnerability exists due to the lack of sanitization of the symlink and the assigned dependency in the root level...
CVE-2021-39135
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
CVE-2021-39134
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
ALPINE-CVE-2021-39134
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
DEBIAN-CVE-2021-39135
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
DEBIAN-CVE-2021-39134
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
ALPINE-CVE-2021-39135
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...
CVE-2021-39134
@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...