Malicious Package
Overview: testing-on-npmjs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-4356 Malicious code in testing-on-npmjs (npm)
Source: amazon-inspector 1575dee70b1f079b297d26405595aa16591e62de8fac896cf9ea485d6f534132 On npm install, postinstall.js executes two attacker-controlled actions automatically. First, it collects installer-side identity whoami, id,...
EUVD-2023-2704
Malicious code in bioql PyPI...
RHEL 7 : jaeger (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - npmjs-url-parse: Improper validation of protocol of the returned URL CVE-2020-8124 Note that Nessus has not tested...
RHEL 7 : npmjs-url-parse (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - npmjs-url-parse: Improper validation of protocol of the returned URL CVE-2020-8124 Note that Nessus has not tested...
Inefficient Regular Expression Complexity in node-email-check
ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker to cause a denial of service via a crafted string to the scpSyntax component...
CVE-2023-39619
ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker to cause a denial of service via a crafted string to the scpSyntax component...
Code injection
ReDos in NPMJS Node Email Check v.1.0.4 allows an attacker to cause a denial of service via a crafted string to the scpSyntax component...
CVE-2023-39619
Summary: CVE-2023-39619 affects the Node Email Check package on NPM. The issue is a ReDoS vulnerability in the scpSyntax component of node-email-check version 1.0.4, allowing an attacker to cause denial of service through a crafted string. The available connected sources corroborate this descript...
RHEL 7 : Red Hat OpenShift Service Mesh 1.0.10 Jaeger and Kiali (RHSA-2020:0972)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0972 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Node.js third-party modules: [systeminformation] Command Injection via insecure command formatting
I would like to report a Command Injection vulnerability in the systeminformation package. It allows an attacker to inject arbitrary OS commands. Module Module name: systeminformation Version: 4.26.10 npm page: https://www.npmjs.com/package/systeminformation Module Description System and OS...
RHEL 8 : Red Hat OpenShift Service Mesh servicemesh-grafana (RHSA-2020:2796)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2796 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.0.10 Jaeger and Kiali security update
An update for Jaeger and Kiali is now available for Openshift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
NPMJS gitlabhook 0.0.17 - (repository) Remote Command Execution Exploit
NPMJS gitlabhook version 0.0.17 suffers from a remote command execution vulnerability. Exploit Title: NPMJS gitlabhook 0.0.17 - 'repository' Remote Command Execution Exploit Author: Semen Alexandrovich Lyhin Vendor Homepage: https://www.npmjs.com/package/gitlabhook Version: 0.0.17 Tested on: Kali...
NPMJS gitlabhook 0.0.17 - repository Remote Command Execution
NPMJS gitlabhook 0.0.17 - repository Remote Command Execution Exploit Title: NPMJS gitlabhook 0.0.17 - 'repository' Remote Command Execution Date: 2019-09-13 Exploit Author: Semen Alexandrovich Lyhin Vendor Homepage: https://www.npmjs.com/package/gitlabhook Version: 0.0.17 Tested on: Kali Linux 2...
NPMJS gitlabhook 0.0.17 Remote Command Execution
Exploit Title: NPMJS gitlabhook 0.0.17 - 'repository' Remote Command Execution Date: 2019-09-13 Exploit Author: Semen Alexandrovich Lyhin Vendor Homepage: https://www.npmjs.com/package/gitlabhook Version: 0.0.17 Tested on: Kali Linux 2, Windows 10. CVE : CVE-2019-5485 !/usr/bin/python import...