Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/08/10 4:59 p.m.10 views

Security Bulletin: Vulnerability in npm affects IBM VM Recovery Manager DR

Summary There is vulnerability in npm which affects IBM VM Recovery Manager DR Vulnerability Details Third Party Entry: 184667 DESCRIPTION: Node.js npm-registry-fetch module could allow a remote attacker to obtain sensitive information, caused by the storing of user credentials in the log file. B...

1.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/28 6:58 p.m.30 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js (CVE-2020-15095)

Summary Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js CVE-2020-15095 Vulnerability Details Third Party Entry: 184667 DESCRIPTION: Node.js npm-registry-fetch module information disclosure CVSS Base score: 7.5 CVSS Temporal Score: See:...

4.4CVSS0.9AI score0.00417EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2020/07/08 2:12 a.m.11 views

Information Disclosure

npm-registry-fetch is vulnerable to information disclosure. The vulnerability exists as as it does not mask sensitive information that may be logged through the malicious URL such as ://:@::/...

1AI score
Exploits0
Node.js
Node.js
added 2020/07/07 7:5 p.m.14 views

Sensitive Data Exposure

Overview Affected versions of npm-registry-fetch are vulnerable to an information exposure vulnerability through log files. The package supports URLs like ://:@::/. The password value is not redacted and is printed to stdout and also to any generated log files. Recommendation Upgrade to version...

6.8AI score
Exploits0Affected Software1
OSV
OSV
added 2020/07/07 6:59 p.m.4 views

GHSA-JMQM-F2GX-4FJV Sensitive information exposure through logs in npm-registry-fetch

Affected versions of npm-registry-fetch are vulnerable to an information exposure vulnerability through log files. The cli supports URLs like ://:@::/. The password value is not redacted and is printed to stdout and also to any generated log files...

5.3CVSS5.9AI score
Exploits0References5
Rows per page
Query Builder