13 matches found
EUVD-2022-7501
Malicious code in bioql PyPI...
npm packing does not respect root-level ignore files in workspaces
...
SUSE CVE-2022-4122
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure...
SUSE CVE-2022-29244
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published...
AZL-44526 CVE-2022-4122 affecting package podman for versions less than 5.6.1-2
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure...
UBUNTU-CVE-2022-29244
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published...
CVE-2022-29244 npm packing does not respect root-level ignore files in workspaces
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published...
CVE-2022-29244 npm packing does not respect root-level ignore files in workspaces
npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish inside a workspace, as of v7.9.0 and v7.13.0 respectively, may be affected and have published...
GHSA-HJ9C-8JMM-8C52 Packing does not respect root-level ignore files in workspaces
Impact npm pack ignores root-level .gitignore & .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish with workspaces, as of v7.9.0 & v7.13.0 respectively, may be affected and have published...
CVE-2019-5415
A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to...
CVE-2019-5415
A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to...
CVE-2019-5415
CVE-2019-5415 concerns the Node.js module serve (version 6.5.3) where the ignore feature can be bypassed via a dot-slash path, allowing an attacker to read files or list directories that should be ignored. The root cause is improper handling of ignored paths in the file-serving logic, enabling pa...
[SECURITY] Fedora 18 Update: nodejs-fstream-ignore-0.0.7-1.fc18
A file stream object that can ignore files by globs...