8 matches found
MAL-2025-47351 Malicious code in tg-redbird (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 381bdac7467e1d835aecf58e3cfebc472a5db3afa8109ad93f30ff7f6e020e09 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in tg-redbird (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 381bdac7467e1d835aecf58e3cfebc472a5db3afa8109ad93f30ff7f6e020e09 Any computer that has this package installed or running should be considered fully compromised. All...
@frdl/webfan-server (>=0.1.27 <=0.1.31) potentially affected by unknown CVE via tg-redbird (=1.3.0)
tg-redbird NPM version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tg-redbird and may be impacted: - @frdl/webfan-server =0.1.27, =0.1.31 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47351...
@frdl/webfan-server (>=0.1.27 <=0.1.31) potentially affected by unknown CVE via tg-redbird (=1.3.0)
tg-redbird NPM version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on tg-redbird and may be impacted: - @frdl/webfan-server =0.1.27, =0.1.31 Source cves: unknown CVE Source advisory: SNYK:JS-TGREDBIRD-12744622...
GHSA-8948-FFC6-JG52 Insecure Default Configuration in redbird
Versions of redbird prior to 0.9.1 have a vulnerable default configuration of allowing TLS 1.0 connections on lib/proxy.js. The package does not provide an option to disable TLS 1.0 which is deprecated and vulnerable. Recommendation Upgrade to version 0.9.1 or later...
Insecure Default Configuration in redbird
Versions of redbird prior to 0.9.1 have a vulnerable default configuration of allowing TLS 1.0 connections on lib/proxy.js. The package does not provide an option to disable TLS 1.0 which is deprecated and vulnerable. Recommendation Upgrade to version 0.9.1 or later...
Insecure Default TLS Configuration
redbird uses an insecure default configuration for TLS. It allows TLS 1.0 connections on lib/proxy.js, which has been deprecated and known to contain security vulnerabilities...
Insecure Default Configuration
Overview Versions of redbird prior to 0.9.1 have a vulnerable default configuration of allowing TLS 1.0 connections on lib/proxy.js. The package does not provide an option to disable TLS 1.0 which is deprecated and vulnerable. Recommendation Upgrade to version 0.9.1 or later. References - GitHub ...