11 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-23518
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the...
Debian: Security Advisory (DLA-3221-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3221 : node-cached-path-relative - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3221 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3221-1 [email protected]...
[SECURITY] [DLA 3221-1] node-cached-path-relative security update
Debian LTS Advisory DLA-3221-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 05, 2022 https://wiki.debian.org/LTS Package : node-cached-path-relative Version : 1.0.1-2+deb10u1 CVE ID : CVE-2018-16472 CVE-2021-23518 Debian Bug : 1004338 Cristian-Alexandru...
@stackstorm/st2-build (>=2.3.1 <=2.4.3), ccxt-without-theocean (=1.18.151) +3 more potentially affected by CVE-2021-23518 via cached-path-relative (=1.0.2)
cached-path-relative NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on cached-path-relative and may be impacted: - @stackstorm/st2-build =2.3.1, =1.0.0, =1.18.173, =1.18.242 Source cves: CVE-2021-23518 Source advisory:...
CVE-2021-23518
A prototype pollution vulnerability was discovered in cached-path-relative. This flaw allows a remote, unauthenticated attacker to inject a cache variable to leak sensitive information...
CVE-2021-23518
The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...
CVE-2021-23518
The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...
CVE-2021-23518
CVE-2021-23518 affects cached-path-relative (before 1.1.0). The root cause is prototype pollution: the cache variable is created as {} instead of Object.create(null) in the cachedPathRelative function, allowing access to parent prototype properties when building the cached relative path. When ori...
CVE-2021-23518 Prototype Pollution
The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...
CVE-2021-23518
The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...