39 matches found
EUVD-2023-0569
Malicious code in bioql PyPI...
EUVD-2022-6900
Malicious code in bioql PyPI...
EUVD-2022-5904
Malicious code in bioql PyPI...
EUVD-2022-6083
Malicious code in bioql PyPI...
EUVD-2022-6127
Malicious code in bioql PyPI...
CVE-2020-36650
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is...
CVE-2022-2900
Server-Side Request Forgery SSRF in GitHub repository ionicabizau/parse-url prior to 8.1.0...
gry vulnerable to Command Injection
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The name of the patch is 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. I...
GHSA-W5MW-F2HQ-5FW8 gry vulnerable to Command Injection
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The name of the patch is 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. I...
CVE-2020-36650
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is...
CVE-2020-36650
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is...
Command injection
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is...
CVE-2020-36650 IonicaBizau node-gry command injection
A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is...
CVE-2020-36650
CVE-2020-36650 describes a critical command-injection vulnerability in IonicaBizau’s node-gry, affected up to version 5.x. The issue affects an unspecified part of the project and is triggered by unsafely processed input, enabling injection of arbitrary shell commands. A fix is available in versi...
IonicaBizau node-gry 命令注入漏洞
IonicaBizau node-gry is a command minimalist NodeJS wrapper git. A command injection vulnerability exists in IonicaBizau node-gry version 5.x and earlier. An attacker could exploit this vulnerability to perform a command injection attack...
CVE-2022-3224
Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0...
Design/Logic Flaw
Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0...
CVE-2022-3224 Misinterpretation of Input in ionicabizau/parse-url
Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0...
CVE-2022-3224 Misinterpretation of Input in ionicabizau/parse-url
Misinterpretation of Input in GitHub repository ionicabizau/parse-url prior to 8.1.0...
CVE-2022-3224
CVE-2022-3224 concerns the parse-url npm package by ionică Bizău, affected in versions prior to 8.1.0. The root cause is a misinterpretation of input that leads to incorrect parsing of http/https URLs (e.g., misclassifying the URL protocol as ssh and misparsing the hostname). Reported impacts inc...