AZL-78290 CVE-2026-2739 affecting package reaper 3.1.1-22

This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...

CVE-2024-6485 affecting package reaper for versions less than 3.1.1-22

CVE-2024-6485 affecting package reaper for versions less than 3.1.1-22. A patched version of the package is available...

CVE-2025-66030 affecting package reaper for versions less than 3.1.1-21

CVE-2025-66030 affecting package reaper for versions less than 3.1.1-21. A patched version of the package is available...

CVE-2018-19827 affecting package reaper for versions less than 3.1.1-20

CVE-2018-19827 affecting package reaper for versions less than 3.1.1-20. A patched version of the package is available...

CVE-2025-66031 affecting package reaper for versions less than 3.1.1-21

CVE-2025-66031 affecting package reaper for versions less than 3.1.1-21. A patched version of the package is available...

CVE-2025-12816 affecting package reaper for versions less than 3.1.1-21

CVE-2025-12816 affecting package reaper for versions less than 3.1.1-21. A patched version of the package is available...

AZL-66570 CVE-2025-9288 affecting package reaper 3.1.1-22

Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11...

CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18

CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18. A patched version of the package is available...

AZL-59367 CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

CVE-2024-28863 affecting package reaper for versions less than 3.1.1-17

CVE-2024-28863 affecting package reaper for versions less than 3.1.1-17. A patched version of the package is available...

CVE-2024-52798 affecting package reaper for versions less than 3.1.1-16

CVE-2024-52798 affecting package reaper for versions less than 3.1.1-16. A patched version of the package is available...

CVE-2020-28458 affecting package reaper for versions less than 3.1.1-15

CVE-2020-28458 affecting package reaper for versions less than 3.1.1-15. A patched version of the package is available...

CVE-2024-42460 affecting package reaper for versions less than 3.1.1-11

CVE-2024-42460 affecting package reaper for versions less than 3.1.1-11. A patched version of the package is available...

AZL-47425 CVE-2024-42461 affecting package reaper for versions less than 3.1.1-11

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed...

CVE-2023-42282 affecting package reaper for versions less than 3.1.1-10

CVE-2023-42282 affecting package reaper for versions less than 3.1.1-10. A patched version of the package is available...

CVE-2024-37890 affecting package reaper for versions less than 3.1.1-10

CVE-2024-37890 affecting package reaper for versions less than 3.1.1-10. A patched version of the package is available...

CVE-2017-18214 affecting package reaper for versions less than 3.1.1-10

CVE-2017-18214 affecting package reaper for versions less than 3.1.1-10. A patched version of the package is available...

CVE-2024-28849 affecting package reaper for versions less than 3.1.1-9

CVE-2024-28849 affecting package reaper for versions less than 3.1.1-9. An upgraded version of the package is available that resolves this issue...

CVE-2024-4068 affecting package reaper for versions less than 3.1.1-9

CVE-2024-4068 affecting package reaper for versions less than 3.1.1-9. An upgraded version of the package is available that resolves this issue...

CVE-2023-28155 affecting package reaper for versions less than 3.1.1-7

CVE-2023-28155 affecting package reaper for versions less than 3.1.1-7. A patched version of the package is available...