EUVD-2025-12168

Malicious code in bioql PyPI...

SUSE CVE-2024-47829

pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name...

CVE-2024-47829

pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name...

CVE-2024-47829 pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting

pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name...

CVE-2024-47829

CVE-2024-47829 affects pnpm versions prior to 10.0.0, where the path shortening function uses MD5 and can cause two different libraries to map to the same storage path under node_modules. The issue is fixed in 10.0.0. Fedora advisories recommend upgrading pnpm to 10.9.0 to address this CVE; other...

CVE-2024-47829 pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting

pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name...

GHSA-8CC4-RFJ6-FHG4 pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting

The path shortening function is used in pnpm： export function depPathToFilename depPath: string, maxLengthWithoutHash: number: string let filename = depPathToFilenameUnescapeddepPath.replace/\/:?"|/g, '+' if filename.includes'' filename = filename .replace/$/, '' .replace/\||/g, '' if...

pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting

The path shortening function is used in pnpm： export function depPathToFilename depPath: string, maxLengthWithoutHash: number: string let filename = depPathToFilenameUnescapeddepPath.replace/\/:?"|/g, '+' if filename.includes'' filename = filename .replace/$/, '' .replace/\||/g, '' if...

pnpm 安全漏洞

pnpm is a package manager in the pnpm open source. A security vulnerability exists in pnpm versions prior to 10.0.0, which stems from the use of md5 by the path shortening function that may lead to a conflict between different library storage paths...

PT-2025-17640 · Pnpm · Pnpm

Name of the Vulnerable Software and Affected Versions: pnpm versions prior to 10.0.0 Description: The issue is related to the path shortening function in pnpm, which uses the md5 function as a compression function. If a collision occurs, it can result in the same storage path for two different...