Prototype Pollution

Overview All versions of utils-extend are vulnerable to prototype pollution. The extend function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation No fix is currently...

Symfony 4.4.x < 4.4.4, 5.0.x < 5.0.4 Information Disclosure Vulnerability

Symfony is prone to an information disclosure vulnerability. Copyright C 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwa...

Cross-Site Scripting

Overview Versions of lazysizes prior to 5.2.1-rc1 are vulnerable to Cross-Site Scripting. The video-embed plugin fails to sanitize the following attributes: data-vimeo, data-vimeoparams, data-youtube and data-ytparams. This allows attackers to execute arbitrary JavaScript in a victim's browser if...

Command Injection

Overview All versions of priest-runner are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to a spawn call, which may allow attackers to execute arbitrary code in the system. The PriestController.prototype.createChild function is vulnerable since the...

Validation Bypass

Overview Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation. Recommendation Upgrade to versions 6.0.3 or later. References - GitHub issue -...

Regular Expression Denial of Service

Overview Affected versions of acorn are vulnerable to Regular Expression Denial of Service. A regex in the form of /x-\ud800/u causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser. If an application...

Denial of Service

Overview Versions of http-proxy prior to 1.18.1 are vulnerable to Denial of Service. An HTTP request with a long body triggers an ERRHTTPHEADERSSENT unhandled exception that crashes the proxy server. This is only possible when the proxy server sets headers in the proxy request using the...

Denial of Service

Overview Affected versions of @commercial/hapi are vulnerable to Denial of Service. The CORS request handler has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. If no unhandled exception handler is available, the application will...

Denial of Service

Overview Versions of @hapi/hapi prior to 18.4.1 or 19.1.1 are vulnerable to Denial of Service. The CORS request handler has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. If no unhandled exception handler is available, the...

Denial of Service

Overview Version 5.1.1 of @commercial/subtext is vulnerable to Denial of Service. The Content-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as opposed to catchin...

Denial of Service

Overview Versions of @hapi/accept prior to 3.2.4 or 5.0.1 are vulnerable to Denial of Service. The Accept-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as oppose...

Prototype Pollution

Overview Versions of @hapi/hoek prior to 8.5.1 and 9.0.3 are vulnerable to Prototype Pollution. The clone function fails to prevent the modification of the Object prototype when passed specially-crafted input. Attackers may use this to change existing properties that exist in all objects, which m...

Prototype Pollution

Overview Versions of klona prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modification of an Object's prototype when cloning objects, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation Upgrade t...

Hardcoded Initialization Vector

Overview All versions of parsel have a default hardcoded initialization vector. In cases where the IV is not provided, the package defaults to a hardcoded IV which renders the cipher vulnerable to chosen plaintext attacks. Recommendation The package is deprecated and will not be updated. Consider...

Command Injection

Overview All versions of npm-git-publish are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to an execSync call, which may allow attackers to execute arbitrary code in the system. The publish function is vulnerable through the gitRemoteUrl variable...

Command Injection

Overview All versions of meta-git are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to an exec call, which may allow attackers to execute arbitrary code in the system. The clone command is vulnerable through the branch name. Recommendation No fix is...

Cross-Site Scripting

Overview Versions of angular prior to 1.5.0-beta.1 are vulnerable to Cross-Site Scripting. The package fails to sanitize xlink:href attributes, which may allow attackers to execute arbitrary JavaScript in a victim's browser if the value is user-controlled. Recommendation Upgrade to version...

Cross-Site Scripting

Overview All versions of atlasboard-atlassian-package prior to 0.4.2 are vulnerable to Cross-Site Scripting XSS. The package fails to properly sanitize user input that is rendered as HTML, which may allow attackers to execute arbitrary JavaScript in a victim's browser. This requires attackers bei...

Server-Side Request Forgery

Overview Versions of ftp-srv prior to versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery SSRF. The package fails to prevent remote clients to access other resources in the network, for example when connecting to the server through telnet. This allows attackers to acce...

Command Injection

Overview All versions of plotter are vulnerable to Command Injection. The package fails to sanitize plot titles, which may allow attackers to execute arbitrary code in the system if the title value is supplied by a user. The following proof-of-concept creates a testing file in the current...