Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago8 views

pnpm 11.3.x < 11.5.3 Stage Download Path Traversal (CVE-2026-55700)

The version of pnpm installed on the remote host is 11.3.x prior to 11.5.3. It is, therefore, affected by a path traversal vulnerability: - From 11.3.0 until 11.5.3, pnpm stage download derived a local filename from registry-controlled package name and version fields. A crafted manifest could...

7.1CVSS6AI score0.00267EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

pnpm < 10.34.0 / 11.x < 11.4.0 Multiple Vulnerabilities

The version of pnpm installed on the remote host is prior to 10.34.0, or 11.x prior to 11.4.0. It is, therefore, affected by multiple vulnerabilities: - pnpm allows a transitive dependency alias from registry package metadata to contain path traversal segments. During install, pnpm later uses tha...

8.8CVSS6.2AI score0.00326EPSS
Exploits2References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/25 12:0 a.m.5 views

pnpm-10.32.1-1.1 on GA media (moderate)

pnpm-10.32.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10410-1 Rating: moderate Cross-References: CVE-2026-24842 CVSS scores: CVE-2026-24842 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2026-24842 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N...

8.7CVSS6.6AI score0.00541EPSS
Exploits1
OSV
OSV
added 2026/03/23 12:0 a.m.3 views

OPENSUSE-SU-2026:10410-1 pnpm-10.32.1-1.1 on GA media

These are all security issues fixed in the pnpm-10.32.1-1.1 package on the GA media of openSUSE Tumbleweed...

8.2CVSS6.7AI score0.00541EPSS
Exploits1References1
EUVD
EUVD
added 2026/01/07 9:53 p.m.4 views

EUVD-2026-1189

pnpm is a package manager. Versions 10.0.0 through 10.25 allow git-hosted dependencies to execute arbitrary code during pnpm install, circumventing the v10 security feature "Dependency lifecycle scripts execution disabled by default". While pnpm v10 blocks postinstall scripts via the...

8.8CVSS8.1AI score0.01023EPSS
Exploits1References3
Rows per page
Query Builder