Lucene search
+L

6 matches found

circl
circl
added 2025/03/07 4:0 p.m.8 views

CVE-2024-37150

creationtimestamp| type| source ---|---|--- 2025-03-07 16:00:59+00:00| seen| https://bsky.app/profile/lirantal.com/post/3ljsexbfwkl2j...

7.6CVSS6.8AI score0.0042EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 12:37 a.m.6 views

CVE-2024-37150

An issue in .npmrc support in Deno 1.44.0 was discovered where Deno would send .npmrc credentials for the scope to the tarball URL when the registry provided URLs for a tarball on a different domain. All users relying on .npmrc are potentially affected by this vulnerability if their private...

7.6CVSS7.4AI score0.0042EPSS
Exploits0
wolfi
wolfi
added 2024/06/06 4:15 p.m.11 views

CVE-2024-37150 vulnerabilities

Vulnerabilities for packages: deno...

7.6CVSS7.3AI score0.0042EPSS
Exploits0
cve
cve
added 2024/06/06 3:28 p.m.278 views

CVE-2024-37150

CVE-2024-37150 affects Deno 1.44.0, where Deno would send .npmrc credentials for a scope to tarball URLs when the registry serves tarballs from a different domain. This could expose private registry credentials if tarball URLs point offsite. The issue impacts users relying on .npmrc in scenarios ...

7.6CVSS6.8AI score0.0042EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2024/06/06 3:28 p.m.16 views

CVE-2024-37150 Private npm registry support used scope auth token for downloading tarballs

An issue in .npmrc support in Deno 1.44.0 was discovered where Deno would send .npmrc credentials for the scope to the tarball URL when the registry provided URLs for a tarball on a different domain. All users relying on .npmrc are potentially affected by this vulnerability if their private...

7.6CVSS7.5AI score0.0042EPSS
Exploits0References3
cvelist
cvelist
added 2024/06/06 3:28 p.m.17 views

CVE-2024-37150 Private npm registry support used scope auth token for downloading tarballs

An issue in .npmrc support in Deno 1.44.0 was discovered where Deno would send .npmrc credentials for the scope to the tarball URL when the registry provided URLs for a tarball on a different domain. All users relying on .npmrc are potentially affected by this vulnerability if their private...

7.6CVSS0.0042EPSS
Exploits0References3
Rows per page
Query Builder