RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:0602)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0602 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

FreeBSD : NPM -- Multiple vulnerabilities (2a3588b4-ab12-11ea-a051-001b217b3468)

NPM reports : Global nodemodules Binary Overwrite Symlink reference outside of nodemodules Arbitrary File Write C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2020 Jacques Vidrine and...

NPM -- Multiple vulnerabilities

NPM reports: Global nodemodules Binary Overwrite Symlink reference outside of nodemodules Arbitrary File Write...

npm symlink reference outside of node_modules

Versions of the npm CLI prior to 6.13.3 are vulnerable to a symlink reference outside of nodemodules. It is possible for packages to create symlinks to files outside of thenodemodules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would...