Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.3 security updates and bug fixes
Red Hat Advanced Cluster Management for Kubernetes 2.4.3 General Availability release images. This update provides security fixes, bug fixes, and updates the container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...
@aarconada/urserver (>=0.0.1 <=0.0.990), @alterior/core (>=0.0.1 <=2.0.0-b1) +195 more potentially affected by CVE-2022-27261 via express-fileupload (>=0.0.5 <=1.3.1)
express-fileupload NPM version =0.0.5, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.1.155, =2.0.0-alpha.0, =1.0.0, =0.12.0, =0.0.2-90, =0.0.1-alpha.151, =0.0.1-alpha.44, =0.0.1, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2022-27261 Source advisory: OSV:GHSA-W4M6-X6C2-J5C9...
CVE-2022-29080
The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value...
CVE-2021-22931 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22931 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22939 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22939 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44531 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-44531 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44533 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-44533 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-44532 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-44532 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22940 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22940 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1
CVE-2021-22930 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-21824 affecting package nodejs for versions less than 16.14.0-1
CVE-2022-21824 affecting package nodejs for versions less than 16.14.0-1. An upgraded version of the package is available that resolves this issue...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise v11 & v12 (CVE-2021-3711)
Summary: Vulnerabilities in OpenSSL affect IBM Integration Bus and IBM App Connect Enterprise. The DataDirect ODBC Drivers & Nodejs used by IBM App Connect Enterprise and IBM Integration Bus have addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is...
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
Overview: git-pull-or-clone is a package to ensure a git repo exists on disk and that it's up-to-date. Affected versions of this package are vulnerable to Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') due to the use of the --upload-pack feature of git which is also supporte...
[SECURITY] Fedora 36 Update: python-fastapi-0.75.0-3.fc36
FastAPI is a modern, fast (high-performance) web framework for building APIs with Python 3.6+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go thanks to Starlette and Pydantic. One of the fastest Python...
Critical Photon OS Security Update - PHSA-2022-0375
Updates of 'squashfs-tools', 'go', 'python3', 'httpd', 'nodejs', 'bindutils', 'bluez' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2022-3.0-0375
Updates of 'go', 'nodejs', 'bindutils', 'python3', 'util-linux', 'httpd', 'squashfs-tools', 'bluez' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2022-0453
Updates of 'nodejs' packages of Photon OS have been released...
116zm_atm (=1.0.0), 11_mybank (=1.0.0) +611 more potentially affected by CVE-2021-23567 via faker (=6.6.6)
faker NPM version =6.6.6 is affected by a known vulnerability. The following packages have a transitive dependency on faker and may be impacted: - 116zm_atm =1.0.0 - 11_mybank =1.0.0 - @acceleratxr/react-shared =1.1.0, =0.1.0, =1.0.0, =1.2.1, =1.1.0, =1.3.0, =1.0.0, =1.1.0, =1.2.0, =1.1.0, =1.2.0,...
Important Photon OS Security Update - PHSA-2022-0164
Updates of 'nodejs' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2022-4.0-0164
Updates of 'nodejs' packages of Photon OS have been released...