6 matches found
Security Bulletin: Multiple vulnerabilities in modules from the IBM SDK for Node.js affect the Cordova tools packaged in Rational Developer for i Modernization Tools Java Edition and Rational Developer for AIX and Linux (CVE-2014-7191 and CVE-2014-7192)
Summary Security vulnerabilities have been discovered in the syntax-error and qs modules packaged in the IBM SDK for Node.js and Cordova platform packaged in Rational Developer for i Modernization Tools Java Edition and Rational Developer for AIX and Linux. The fix upgrades IBM SDK for Node.js to...
@chargetrip/internal-vue-components (>=0.0.1 <=0.0.13), ampersand-view-conventions (>=1.0.0 <=1.1.3) +260 more potentially affected by CVE-2014-7192 via syntax-error (>=0.0.0 <=0.0.1)
syntax-error NPM version =0.0.0, =0.0.1, =1.0.0, =0.0.0, =0.0.1, =1.1.5, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.2.0, =0.2.4 and more Source cves: CVE-2014-7192 Source advisory: OSV:GHSA-5726-G6R9-5F22...
CVE-2014-7192
Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file...
CVE-2014-7192
Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file...
CVE-2014-7192
CVE-2014-7192 affects the syntax-error npm module (before 1.1.1) used with Node.js 0.10.x, including in IBM Rational Application Developer and related IBM/RSA products. The vulnerability stems from improper input handling in the syntax-error/index.js file, enabling remote attackers to execute arb...
CVE-2014-7192
Removed by vendor...