GHSA-MM7H-323R-9P4G Downloads Resources over HTTP in imageoptim

imageoptim is a Node.js wrapper for some images compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested tarball with an attacker controlled tarball if t...

Downloads Resources over HTTP in imageoptim

imageoptim is a Node.js wrapper for some images compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested tarball with an attacker controlled tarball if t...

Insecure Defaults Allow MITM Over TLS in engine.io-client

Affected versions of engine.io-client do not verify certificates by default, and as such may be vulnerable to Man-in-the-Middle attacks. The vulnerability is related to the way that node.js handles the rejectUnauthorized setting. If the value is something that evaluates to false, such as undefine...

GHSA-H4MC-R4F4-HCF4 selenium-binaries downloads resources over HTTP

Versions of selenium-binaries prior to 0.15.0 insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

selenium-binaries downloads resources over HTTP

Versions of selenium-binaries prior to 0.15.0 insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

Security Bulletin: Multiple vulnerabilities were identified in Node.js that affect IBM Cloud App Management V2018

Summary Multiple vulnerabilities were identified in Node.js that affected IBM Cloud App Management V2018. The product was updated to use a later version of Node.js to address these security vulnerabilities. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial ...

Node.js third-party modules: [url-parse] Improper Validation and Sanitization

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report Improper...

Node.js Foundation Node.js nghttp2 nghttp2_frame_altsvc_free Null Pointer Dereference (CVE-2018-1000168)

A denial of service vulnerability has been reported in Node.js. This vulnerability is due to the acceptance of ALTSVC frames from clients while using a vulnerable version of nghttp2...

Node.js Foundation Node.js TLS Denial of Service (CVE-2018-7162)

A denial of service vulnerability has been reported in Node.js. The vulnerability is due to improper handling of TLS by the node process. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted message to the target server during a TLS handshake...

Node.js third-party modules: [takeapeek] XSS via HTML tag injection in directory lisiting page

I was taking a peek at takeapeek module and found it is vulnerable to XSS via malicious injection in directory listing. It allows execution of arbitrary JS code. Module module name: takeapeek version: 0.2.2 npm page: https://www.npmjs.com/package/takeapeek Module Description A simple static...

Node.js third-party modules: [glance] Access unlisted internal files/folders revealing sensitive information

I would like to report sensitive information disclosure in glance. Similar to 486933 in ways Module module name: glance version: 3.0.5 npm page: https://www.npmjs.com/package/glance Module Description a quick disposable http server for static files Module Stats weekly downloads 41 Vulnerability...

Arbitrary File Overwrite

Overview Vulnerable versions of decompress-zip are affected by the Zip-Slip vulnerability, an arbitrary file write vulnerability. The vulnerability occurs because decompress-zip does not verify that extracted files do not resolve to targets outside of the extraction root directory. Recommendation...

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Summary Multiple Node.js vulnerabilities were disclosed by the Node.js project. Node.js is used by the Cordova tools in IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. Vulnerability Details...

Scanner-Cli - A Project Security/Vulnerability/Risk Scanning Tool

The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines. Running and configuring the scanner The Hawkeye scanner-cli assumes that your directory structure is such that it keeps the...

Node.js third-party modules: [serve] Access unlisted internal files/folders revealing sensitive information

I would like to report sensitive information disclosure in serve. Bypass of 308721 in ways. Module module name: serve version: 10.1.1 npm page: https://www.npmjs.com/package/serve Module Description Assuming you would like to serve a static site, single page application or just a static file no...

Path Traversal

Overview Versions of http-live-simulator prior to 1.0.7 are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths. For example: curl --path-as-is http://localhost:8080//../../../../etc/passwd. Recommendation Upgrade to...

SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0117-1)

This update for nodejs4 fixes the following issues : Security issues fixed : CVE-2018-0734: Fixed a timing vulnerability in the DSA signature generation bsc1113652 CVE-2018-5407: Fixed a hyperthread port content side channel attack aka 'PortSmash' bsc1113534 CVE-2018-12120: Fixed that the debugge...

CVE-2018-11798

A flaw was found in the Node.js static web server in Apache Thrift, where it allowed a remote user to access files outside of the set web servers' docroot path. An attacker could use this flaw to possibly access unauthorized files and sensitive information...

GHSA-VX85-MJ8C-4QM6 Apache Thrift Node.js static web server sandbox escape

The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path...

Apache Thrift Node.js static web server sandbox escape

The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path...