CVE-2023-44000

An issue in Otakara lapis totuka mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...

CVE-2023-47373

The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims...

CVE-2023-47365

The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to send malicious notifications to victims...

PT-2022-8897 · Npm · Npm-Help

Name of the Vulnerable Software and Affected Versions: npm-help affected versions not specified Description: The issue affects the npm-help package, with the injection point located in line 13 of the index.js file, specifically in the export.latestVersion function. Recommendations: At the moment,...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 13 in index.js file in export.latestVersion function. PoC: var root = require"npm-help"; var module = "& touch JHU"; root.latestVersionmodule; Remediation There is no fixed versi...