EUVD-2018-0757

Malware in sbrugna...

CVE-2022-38545

Valine v1.4.18 was discovered to contain a remote code execution RCE vulnerability which allows attackers to execute arbitrary code via a crafted POST request...

@gitldy1013/vuepress-theme-ldy (>=1.1.2 <=1.1.3), @next-theme/plugins (>=0.0.2 <=8.1.0) +22 more potentially affected by CVE-2022-38545 via valine (>=1.3.10 <=1.4.4)

valine NPM version =1.3.10, =1.1.2, =0.0.2, =1.0.0, =2.0.0-beta.0, =1.0.11, =0.0.1-alpha.0, =0.0.1, =2.0.0-rc.8, =1.0.0, =1.0.0, =1.0.8-alpha.5, =1.1.2, =1.4.0 - vuepress-theme-learing =0.0.1 and more Source cves: CVE-2022-38545 Source advisory: OSV:GHSA-MCVG-G9WX-V5VX...

Valine 跨站脚本漏洞

Valine is a commenting system. A security vulnerability exists in Valine v1.4.18, which originates from an attacker being able to execute arbitrary code to achieve remote command execution via a crafted POST request...

@gitldy1013/vuepress-theme-ldy (>=1.1.2 <=1.1.3), @next-theme/plugins (>=0.0.2 <=8.1.0) +17 more potentially affected by CVE-2020-28847 via valine (>=1.3.10 <=1.4.14)

valine NPM version =1.3.10, =1.1.2, =0.0.2, =2.0.0-beta.0, =1.0.11, =0.0.1, =1.0.0, =1.0.0, =1.0.8-alpha.5, =1.1.2, =1.2.1, =1.0.1, =1.0.0, =3.0.0-beta.2, =3.0.0-beta.3 and more Source cves: CVE-2020-28847 Source advisory: OSV:GHSA-6XVQ-2GJ8-4276...

@gitldy1013/vuepress-theme-ldy (>=1.1.2 <=1.1.3), @next-theme/plugins (>=0.0.2 <=8.1.0) +17 more potentially affected by CVE-2021-34801 via valine (>=1.3.10 <=1.4.14)

valine NPM version =1.3.10, =1.1.2, =0.0.2, =2.0.0-beta.0, =1.0.11, =0.0.1, =1.0.0, =1.0.0, =1.0.8-alpha.5, =1.1.2, =1.2.1, =1.0.1, =1.0.0, =3.0.0-beta.2, =3.0.0-beta.3 and more Source cves: CVE-2021-34801 Source advisory: OSV:GHSA-P2C4-GXP4-J3XP...