13 matches found
CVE-2026-9496
Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and string-manipulation logic, causing...
CVE-2026-9496
Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and string-manipulation logic, causing...
pacote 安全漏洞
pacote is a npm open-source tool that retrieves package lists and compressed packages from the npm repository. Version pacote 11.2.7 has a security vulnerability. This vulnerability stems from the addGitSha function, which may lead to a denial-of-service attack. Attackers can trigger this functio...
CVE-2026-33331
oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.9, a stored cross-site scripting XSS vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker can control any field within the OpenAPI specificati...
Linux Distros Unpatched Vulnerability : CVE-2016-6299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. CVE-2016-6299...
CVE-2016-6299
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...
CVE-2016-6299
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...
CVE-2016-6299
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...
Design/Logic Flaw
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...
UBUNTU-CVE-2016-6299
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...
CVE-2016-6299
CVE-2016-6299 affects the scm plug-in in mock, where crafted spec files can bypass the chroot protection and grant the attacker root privileges. This is a local-type vulnerability with high impact (C/H/I/A) per CVSS. Fedora advisories indicate a security fix was released for this CVE; other sourc...
CVE-2016-6299
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file...
PT-2017-2109 · Mock · Mock
Name of the Vulnerable Software and Affected Versions: mock affected versions not specified Description: The issue is related to the scm plug-in in mock, which may allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. This is due to...