EUVD-2021-1724

Malware in sbrugna...

EUVD-2021-1513

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-39134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarante...

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i

Summary Vulnerabilities detected in Node.js versions before v14.16.2 that affect the Cordova platform packaged with Rational Developer for i Software. Vulnerability Details CVEID: CVE-2021-3712 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an...

Remote Code Execution (RCE)

@npmcli/arborist is vulnerable to remote code execution. The vulnerability exists due to a symlink dependency where an attacker is able to create arbitrary contents to be written to any location on the filesystem...

Remote Code Execution (RCE)

@npmcli/arboristis vulnerable to Remote Code Execution RCE. The vulnerability exists due to the lack of sanitization of the symlink and the assigned dependency in the root level...

CVE-2021-39134

@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...

CVE-2021-39134

@npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed into the expected folder...