12 matches found
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the logging of the entire unmarshaled configuration map at INFO level to /var/log/calico/cni/cni.log during each CNI ADD and DEL invocation. An attacker can obtain sensitive...
Malicious Package
Overview node-log-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48318 Malicious code in nodelog-lite (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c3f1413a6184e042f68d9e0cee79523ea3c0566535bb56e1e0b13370875fd8e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nodelog-lite (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c3f1413a6184e042f68d9e0cee79523ea3c0566535bb56e1e0b13370875fd8e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-42036 Malicious code in node-log-config (npm)
The package node-log-config was found to contain malicious code...
Malicious code in node-log-config (npm)
The package node-log-config was found to contain malicious code...
MAL-2025-27630 Malicious code in node-log-stream (npm)
The package node-log-stream was found to contain malicious code...
Malicious code in node-log-stream (npm)
The package node-log-stream was found to contain malicious code...
CVE-2022-31008
A flaw was found in RabbitMQ. The shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. In certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable dat...
Code injection
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
Scientific Linux Security Update : conga on SL5.x i386/x86_64
A flaw was found in ricci during a code audit. A remote attacker who is able to connect to ricci could cause ricci to temporarily refuse additional connections, a denial of service CVE-2007-4136. Fixes in this updated package include : - The nodename is now set for manual fencing. - The node log ...