Sensitive Data Exposure
Overview All versions of rails-session-decoder are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of cipher text thus exposing encrypted information. Recommendation No fix is currently available. Consider using an alternative module...
Cross-Site Scripting
Overview Versions of jingo prior to 1.9.2 are vulnerable to Cross-Site Scripting (XSS). If malicious input such as alert1 is placed in the content of a wiki page, Jingo does not properly encode the input and it is executed instead of rendered as text. Recommendation Upgrade to version 1.9.2...
Denial of Service
Overview All versions of markdown-it-toc-and-anchor are vulnerable to Denial of Service. Parsing markdown containing text+\n@toc causes the application to enter an infinite loop. Recommendation No fix is currently available. Consider using an alternative module until a fix is made available...
Cross-Site Scripting
Overview All versions of md-data-table are vulnerable to cross-site scripting (XSS). This vulnerability is exploitable if an attacker has control over data that is rendered by mdt-row. Recommendation As there is no fix for this vulnerability at this time, we recommend either selecting another package...
Path Traversal
Overview All versions of simplehttpserver are vulnerable to Path Traversal. This vulnerability allows an attacker to access files outside the webroot since it allows symlink navigation in the URL. Recommendation No fix is currently available. Do not use simplehttpserver in production or consider...
Path Traversal
Overview All versions of takeapeek are vulnerable to path traversal, exposing files and directories. Recommendation As no fix is currently available for this vulnerability, it is our recommendation to use another static file server. References - HackerOne Report - Node.js Security-wg - GitHub...
CVE-2017-16005
| creationtimestamp | type | source |
|---|---|---|
| 2018-11-09 17:49:34+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-q257-vv4p-fg92... |
CVE-2017-16006
| creationtimestamp | type | source |
|---|---|---|
| 2018-11-09 17:48:20+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-mrmf-qwxg-7c3h... |
CVE-2017-16016
| creationtimestamp | type | source |
|---|---|---|
| 2018-11-09 17:47:23+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-xc6g-ggrc-qq4r... |
CVE-2017-16008
| creationtimestamp | type | source |
|---|---|---|
| 2018-11-09 17:46:56+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-f89g-whpf-6q9m... |
CVE-2017-16017
| creationtimestamp | type | source |
|---|---|---|
| 2018-11-09 17:45:55+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-wg96-3933-j2w5... |
CVE-2017-16018
| creationtimestamp | type | source |
|---|---|---|
| 2018-11-09 17:45:38+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-qw3g-35hc-fcrh... |
Denial of Service
Overview All versions of ircdkit are vulnerable to remote denial of service. Recommendation As no current fix is available, if you rely on ircdkit in production it might be best to consider another module. References - GitHub Issue - GitHub Advisory...
Command Injection
Overview Versions of samsung-remote before 1.3.5 are vulnerable to command injection. This vulnerability is exploitable if user input is passed into the ip option of the package constructor. Recommendation Update to version 1.3.5 or later. References - HackerOne Report - Node.js security-wg -...
Command Injection
Overview Versions of ps before 1.0.0 are vulnerable to command injection. Proof of concept: var ps = require'ps'; ps.lookup pid: "$touch success.txt" , functionerr, proc // this method is vulnerable to command injection if err throw err; if proc console.logproc; // Process name, something like...
NoSQL injection
Overview Versions of express-cart before 1.1.8 are vulnerable to NoSQL injection. The vulnerability is caused by the lack of user input sanitization in the login handlers. In both cases, the customer login and the admin login, parameters from the JSON body are sent directly into the MongoDB query...
CVE-2014-9772
| creationtimestamp | type | source |
|---|---|---|
| 2018-11-06 23:12:49+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-79mx-88w7-8f7q... |
Sensitive Data Exposure
Overview Versions of pem before 1.13.2 expose sensitive data when the readPkcs12 function is used. The readPkcs12 function reads the certificate and key data from a pkcs12 file using the encryption password. As part of this process it creates a globally readable file with a filename of 20 random 0-f...
Prototype Pollution
Overview Versions of merge before 1.2.1 are vulnerable to prototype pollution. The merge.recursive function can be tricked into adding or modifying properties of the Object prototype. Recommendation Update to version 1.2.1 or later. References - HackerOne Report - GitHub Advisory...
Command Injection
Overview Versions of libnmap before 0.4.16 are vulnerable to command injection. Proof of concept const nmap = require'libnmap'; const opts = range: 'scanme.nmap.org', "x.x.$touch success.txt" ; nmap.scanopts, functionerr, report if err throw new Errorerr; for let item in report...