
1319 matches found

Node.js
added 2019/10/02 5:49 p.m., 14 views

Malicious Package

Overview: Version 1.0.3 of bmap contained malicious code. When executed in the browser, the code would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation: If version 1.0.3 of this module is found installed you wi...

AI score 6.9
Exploits: 0, Affected software: 1
Node.js
added 2019/10/02 1:57 p.m., 15 views

Sandbox Breakout

Overview: Versions of realms-shim prior to 1.2.0 are vulnerable to a Sandbox Breakout. Reflect.construct can be used on the sandboxed Function constructor to reach the prototypes of the primal Realm, which may allow an attacker to escape the sandbox and execute arbitrary code. Recommendation: Upgra...

AI score 7.4
Exploits: 0, Affected software: 1
Node.js
added 2019/10/02 1:41 p.m., 12 views

Sandbox Breakout

Overview: Versions of realms-shim prior to 1.2.0 are vulnerable to a Sandbox Breakout. The package's confined evaluator depended upon correct behavior of the spread operator a = ...b, ...c, which could be modified by the confined code. This may allow an attacker to escape the sandbox and run...

AI score 6.9
Exploits: 0, Affected software: 1
Node.js
added 2019/09/26 9:24 p.m., 31 views

Cryptographically Weak PRNG

Overview: Versions of generator-jhipster use a Cryptographically Weak PRNG that may lead to account takeover. The package uses a cryptographically insecure method to generate password reset links, which allows an attacker to guess password reset links and take over accounts. Recommendation: Update t...

CVSS 7.5, AI score 2.9, EPSS 0.01904
Exploits: 1, Affected software: 1
Node.js
added 2019/09/26 8:20 p.m., 18 views

Machine-In-The-Middle

Overview: Versions of https-proxy-agent prior to 2.2.3 are vulnerable to Machine-In-The-Middle. The package fails to enforce TLS on the socket if the proxy server responds to the request with an HTTP status other than 200. This allows an attacker with access to the proxy server to intercept...

AI score 6.5
Exploits: 0, Affected software: 1
Node.js
added 2019/09/23 6:35 p.m., 13 views

Sandbox Breakout

Overview: Versions of realms-shim prior to 1.2.0 are vulnerable to a Sandbox Breakout. The package's core evaluator, which must switch between "unsafe mode" and "safe mode" for each call, could be left in "unsafe mode" if an attacker is able to force a RangeError in a specific timeframe. This woul...

AI score 6.8
Exploits: 0, Affected software: 1
Node.js
added 2019/09/20 11:3 p.m., 10 views

Configuration Override

Overview: Versions of helmet-csp before 2.9.1 are vulnerable to a Configuration Override affecting the application's Content Security Policy (CSP). The package's browser sniffing for Firefox deletes the default-src CSP policy, which is the fallback policy. This allows an attacker to remove an...

AI score 6.7
Exploits: 0, Affected software: 1
Node.js
added 2019/09/17 8:2 p.m., 12 views

Path Traversal

Overview: All versions of @wturyn/swagger-injector are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the configured dist folder using relative paths. Recommendation: No fix is currently available. Consider using an alternative...

AI score 6.8
Exploits: 0, Affected software: 1
Node.js
added 2019/09/17 7:3 p.m., 12 views

Path Traversal

Overview: All versions of swagger-injector are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the configured dist folder using relative paths. Recommendation: No fix is currently available. Consider using an alternative package...

AI score 6.8
Exploits: 0, Affected software: 1
Node.js
added 2019/09/16 10:28 p.m., 13 views

Cross-Site Scripting

Overview: All versions of mavon-editor are vulnerable to Cross-Site Scripting. The package fails to sanitize entered input, allowing attackers to execute arbitrary JavaScript in a victim's browser. Recommendation: No fix is currently available. Consider using an alternative package until a fix is...

AI score 7.3
Exploits: 0, Affected software: 1
Node.js
added 2019/09/16 6:1 p.m., 12 views

Cross-Site Scripting

Overview: All versions of snekserve are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim's browser through files with names containing malicious code. Recommendation: No fix is currently available...

AI score 6.7
Exploits: 0, Affected software: 1
Node.js
added 2019/09/16 3:14 p.m., 43 views

Prototype Pollution

Overview: Versions of handlebars prior to 3.0.8 or 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. Recommendation: Upgrade...

CVSS 7.5, AI score 9.8, EPSS 0.24752
Exploits: 0, Affected software: 1
Node.js
added 2019/09/11 4:51 p.m., 12 views

Regular Expression Denial of Service

Overview: All versions of sql-injection are vulnerable to Regular Expression Denial of Service. The package processes a request's body with regular expressions that may take exponentially longer to execute for large inputs. Recommendation: No fix is currently available. Consider using an alternativ...

AI score 7.2
Exploits: 0, Affected software: 1
Node.js
added 2019/09/06 9:2 p.m., 17 views

Malicious Package

Overview: All versions of evil-package contain malicious code. The package uploads the contents of process.env to example.com/log. Recommendation: Remove the package from your environment. Given the host where the information was uploaded to, there is no further indication of compromise. References...

AI score 6.6
Exploits: 0, Affected software: 1
Node.js
added 2019/09/06 7:50 p.m., 21 views

Message Signature Bypass

Overview: Versions of openpgp prior to 4.2.0 are vulnerable to Message Signature Bypass. The package fails to verify that a message signature is of type text. This allows an attacker to construct a message with a signature type that only verifies subpackets without additional input such as...

CVSS 5, AI score 1.7, EPSS 0.00362
Exploits: 1, Affected software: 1
Node.js
added 2019/09/06 6:23 p.m., 11 views

Unintended Require

Overview: All versions of larvitbase-www are vulnerable to an Unintended Require. The package exposes an API endpoint and passes a GET parameter unsanitized to a require call. This allows attackers to execute any .js file in the same folder the server is running from. Recommendation: No fix is...

AI score 7.1
Exploits: 0, Affected software: 1
Node.js
added 2019/09/05 10:28 p.m., 13 views

Cross-Site Scripting

Overview: Versions of status-board prior to 10.0.1 are vulnerable to Cross-Site Scripting. The createPreviewButton function fails to sanitize the href attribute of a created tag. This may allow attackers to execute arbitrary JavaScript in a victim's browser. Recommendation: Upgrade to version 10.0....

CVSS 4.3, AI score 4.2, EPSS 0.00308
Exploits: 0, Affected software: 1
Node.js
added 2019/09/05 9:26 p.m., 14 views

Cross-Site Scripting

Overview: Versions of cyberchef prior to 8.31.3 are vulnerable to Cross-Site Scripting. In Text Encoding Brute Force the table rows are created by concatenating the value variable unsanitized into the HTML code. If this variable is controlled by user input it allows attackers to execute arbitrary...

CVSS 4.3, AI score 3.9, EPSS 0.00458
Exploits: 1, Affected software: 1
Node.js
added 2019/09/05 8:52 p.m., 10 views

Regular Expression Denial of Service

Overview: Versions of simple-markdown prior to 0.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS). The SimpleMarkdown.defaultInlineParse function has significantly degraded performance when parsing inline code blocks. Recommendation: Upgrade to version 0.5.2 or later. References -...

AI score 7.1
Exploits: 0, Affected software: 1
Node.js
added 2019/09/04 3:40 p.m., 9 views

Path Traversal

Overview: All versions of public are vulnerable to Path Traversal. This vulnerability allows an attacker to access files outside the webroot, since the package allows symlink navigation in the URL. Recommendation: No fix is currently available. Do not use public in production or consider using an alternative...

AI score 6.7
Exploits: 0, Affected software: 1