CVE-2025-58255

Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...

08cms (=1.0.0), @artdotstyle/filepix (>=1.0.10 <=1.0.11) +427 more potentially affected by CVE-2024-21523 via images (>=2.0.2 <=3.2.4)

images NPM version =2.0.2, =1.0.10, =1.1.2, =0.0.1, =0.1.0, =1.0.1, =1.4.0, =1.1.2, =1.1.8, =0.4.0, =0.6.2 and more Source cves: CVE-2024-21523 Source advisory: OSV:GHSA-VJPV-X8P9-7P85...

08cms (=1.0.0), @artdotstyle/filepix (>=1.0.10 <=1.0.11) +427 more potentially affected by CVE-2024-21523 via images (>=2.0.2 <=3.2.4)

images NPM version =2.0.2, =1.0.10, =1.1.2, =0.0.1, =0.1.0, =1.0.1, =1.4.0, =1.1.2, =1.1.8, =0.4.0, =0.6.2 and more Source cves: CVE-2024-21523 Source advisory: SNYK:JS-IMAGES-6421826...

Security Bulletin: Images built from IBM App Connect Enterprise Certified Container images may be vulnerable to information exposure via CVE-2020-15095

Summary Images built from the App Connect Enterprise Certified Container images that perform an npm install may leak information through their logs when installing from a non-default location using basic auth credentials due to CVE-2020-15095. Vulnerability Details Third Party Entry: 184666...