14 matches found
EUVD-2023-1412
Malicious code in bioql PyPI...
CVE-2023-27848
broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function...
Remote Code Execution (RCE)
broccoli-compass is vulnerable to Remote Code Execution (RCE). Lack of proper checking of attacker-controlled filenames, which are included in the list of files passed to the library via its files option, allows an attacker to execute malicious code on the system...
ember-cli-broccoli-compass (>=0.0.1 <=0.0.5), ember-cli-compass (>=0.0.4 <=0.0.5) +1 more potentially affected by CVE-2023-27848 via broccoli-compass (>=0.0.7 <=0.1.1)
broccoli-compass NPM version =0.0.7, =0.0.1, =0.0.4, =0.0.1, =0.0.13 Source cves: CVE-2023-27848 Source advisory: OSV:GHSA-WQ8F-XMQ3-5VQ9...
Remote code execution in broccoli-compass
broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function...
CVE-2023-27848
broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function...
CVE-2023-27848
broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function...
CVE-2023-27848
broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function...
npm broccoli-compass command injection vulnerability
npm broccoli-compass is a library from the American company npm. A security vulnerability exists in npm broccoli-compass version v0.2.4, which stems from the discovery of a remote code execution (RCE) vulnerability via the child_process function...
CVE-2023-27848
broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function...
CVE-2023-27848
CVE-2023-27848 affects broccoli-compass v0.2.4. A remote code execution (RCE) vulnerability exists via the child_process function, allowing execution of attacker-controlled code. Impact is high (C:H/I:H/A:H) per the CVSS 3.1 data; exploitation is network-borne with no user interaction and no privi...
PT-2023-21373 · Unknown · Broccoli-Compass
Name of the Vulnerable Software and Affected Versions: broccoli-compass version 0.2.4. Description: The issue is related to a remote code execution (RCE) vulnerability. It is exploited via the child process function. Recommendations: For broccoli-compass version 0.2.4, consider restricting the use o...
@love-open-source/ember-slider (>=0.0.2 <=1.1.10), broccoli-compass-compiler (>=0.0.1 <=0.0.6) +1 more potentially affected by CVE-2020-7635 via compass-compile (=0.0.1)
compass-compile NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on compass-compile and may be impacted: - @love-open-source/ember-slider =0.0.2, =0.0.1, =0.1.0, =0.5.0 Source cves: CVE-2020-7635 Source advisory: OSV:GHSA-7Q9F-X6RM-QMXR...
@love-open-source/ember-slider (>=0.0.2 <=1.1.10), broccoli-compass-compiler (>=0.0.1 <=0.0.6) +1 more potentially affected by CVE-2020-7635 via compass-compile (=0.0.1)
compass-compile NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on compass-compile and may be impacted: - @love-open-source/ember-slider =0.0.2, =0.0.1, =0.1.0, =0.5.0 Source cves: CVE-2020-7635 Source advisory:...