4 matches found
Malicious code in gx-npm-feature-flags (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fcad1b944d9ceb92389673398df9f471911a788fe608774a3298c69900bb1c7 [email protected] is a dependency-confusion squat max-semver 99.99.99 on a gx--prefixed name to outrank a private internal package that...
EUVD-2020-3357
Malware in sbrugna...
GitLab EE Path Traversal Vulnerability
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A path traversal vulnerability exists in the NPM feature ...
PT-2020-12445 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.7 through 12.9 Description: The NPM feature in GitLab EE is affected by a path traversal issue. Recommendations: For versions 11.7 through 12.9, update to a version that contains a fix for this issue to prevent path...