7911 matches found
Node.js third-party modules: Prototype pollution attack (upmerge)
Hi team, I would like to report a prototype pollution vulnerability in upmerge that allows an attacker to inject properties on Object.prototype. Module module name: upmerge version: 0.1.7 npm page: https://www.npmjs.com/package/upmerge Module Description JavaScript Object Merge and Clone for Clie...
Node.js third-party modules: Prototype pollution attack (lutils-merge)
Hi team, I would like to report a prototype pollution vulnerability in lutils-merge that allows an attacker to inject properties on Object.prototype. Module module name: lutils-merge version: 0.2.6 npm page: https://www.npmjs.com/package/lutils-merge Module Description Merge javascript objects...
Code Injection
Overview Versions of morgan before 1.9.1 are vulnerable to code injection when user input is allowed into the filter or combined with a prototype pollution attack. Recommendation Update to version 1.9.1 or later. References - HackerOne Report - Node.js security-wg - GitHub Advisory...
GHSA-38H8-X697-GH8Q Tmp files readable by other users in sync-exec
Affected versions of sync-exec use files located in /tmp/ to buffer command results before returning values. As /tmp/ is almost always set with world readable permissions, this may allow low privilege users on the system to read the results of commands run via sync-exec under a higher privilege...
Node.js third-party modules: Prototype pollution attack (smart-extend)
Hi team, I would like to report a prototype pollution vulnerability in smart-extend that allows an attacker to inject properties on Object.prototype. Module module name: smart-extend version: 1.7.3 npm page: https://www.npmjs.com/package/smart-extend Module Description smart-extend is an extensio...
Security Bulletin: IBM DataPower Gateway is affected by a Denial of Service vulnerability (CVE-2018-12115)
Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2018-12115 Vulnerability Details CVEID: CVE-2018-12115 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an out-of-bounds write in Buffer. An attacker could exploit this vulnerability to write to memor...
Command Injection
Overview Versions of samsung-remote before 1.3.5 are vulnerable to command injection. This vulnerability is exploitable if user input is passed into the ip option of the package constructor. Recommendation Update to version 1.3.5 or later. References - HackerOne Report - Node.js security-wg -...
Command Injection
Overview Versions of ps before 1.0.0 are vulnerable to command injection. Proof of concept: var ps = require('ps'); ps.lookup({ pid: "$(touch success.txt)" }, function(err, proc) { // this method is vulnerable to command injection if (err) throw err; if (proc) console.log(proc); // Process name, something like...
NoSQL injection
Overview Versions of express-cart before 1.1.8 are vulnerable to NoSQL injection. The vulnerability is caused by the lack of user input sanitization in the login handlers. In both cases, the customer login and the admin login, parameters from the JSON body are sent directly into the MongoDB query...
Security Bulletin: Node.js as used in IBM QRadar Packet Capture is susceptible to multiple vulnerabilities
Summary Node.js as used in IBM QRadar Packet Capture has been updated to resolve multiple vulnerabilities Vulnerability Details CVEID: CVE-2018-7158 Description: Node.js path module is vulnerable to a denial of service. By sending a specially crafted file path, an attacker could exploit this...
Node.js third-party modules: [static-resource-server] Path Traversal allows to read content of arbitrary file on the server
Module module name: static-resource-server version: 1.7.2 npm page: https://www.npmjs.com/package/static-resource-server Module Description A tiny http server that provides local static resource access Module Stats Replace stats below with numbers from npm’s module page: 0 downloads in the last d...
Node.js third-party modules: Prototype pollution attack in node.extend
I would like to report a prototype pollution vulnerability in node.extend. It allows an attacker to inject properties on Object.prototype. Module module name: node.extend version: 2.0.0 npm page: https://www.npmjs.com/package/node.extend Module Description A port of jQuery.extend that actually...
Node.js third-party modules: Prototype pollution attack in just-extend
I would like to report a prototype pollution vulnerability in just-extend. It allows an attacker to inject properties on Object.prototype. Module module name: just-extend version: 2.1.0, and 3.0.0 npm page: https://www.npmjs.com/package/just-extend Module Description Part of a library of...
Security Bulletin: IBM API Connect is affected by OpenSSL vulnerabilities (CVE-2018-0732 CVE-2018-12115 CVE-2018-7166 CVE-2018-0737)
Summary IBM API Management has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious server during key agreement in a TLS...
nodejs: Inspector DNS rebinding vulnerability
It was found that when a Node.js script is run in inspector mode, Node.js did not properly validate the Host header, leaving the inspector vulnerable to a DNS rebind attack and bypass same-origin policy. If a developer had an inspector session running, and was visiting a malicious website, the si...
Important: Red Hat Security Advisory: rh-nodejs8-nodejs security update
An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: rh-nodejs6-nodejs security update
An update for rh-nodejs6-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
GHSA-8W4H-3CM3-2PM2 Out-of-bounds Read in atob
Versions of atob before 2.1.0 return uninitialized Buffers when a number is passed as input on Node.js 4.x and below. Recommendation Update to version 2.1.0 or later...