3 matches found
GHSA-FR4H-3CPH-29XV pnpm: Hoisted install imports lockfile alias outside node_modules
Summary The hoisted dependency alias issue tracked as GHSA-fr4h-3cph-29xv / CAND-PNPM-059 has been addressed in both pnpm and pacquet. A crafted lockfile alias could be joined directly under a hoisted nodemodules directory. Traversal aliases could escape that directory, while reserved aliases suc...
CVE-2021-27676
Centreon version 20.10.2 is affected by a cross-site scripting XSS vulnerability. The depdescription Dependency Description and depname Dependency Name parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration Notifications Hosts page...
Centreon 跨站脚本漏洞
Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring functions for resources such as network, system and application programs. A security vulnerability exists in Centreon version 20.10.2, which stems...