electerm: electerm_install_script_CommandInjection Vulnerability Report

Impact What kind of vulnerability is it? Who is impacted? Command Injection vulnerabilities in electerm: A command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an exec"open...

OESA-2021-1055 librepo security update

A library providing C and Python libcURL like API to downloading repository metadata. Security Fixes: A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a...