5 matches found
200-ok-boomer (>=2.0.0 <=2.1.0), 20190403-utils (=1.0.0) +10109 more potentially affected by CVE-2025-64718 via js-yaml (>=0.3.5 <=3.14.1)
js-yaml NPM version =0.3.5, =2.0.0, =1.0.0, =0.0.2, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.2.39, =0.0.1, =1.0.2, =2.0.3, =2.0.7 and more Source cves: CVE-2025-64718 Source advisory: OSV:GHSA-MH29-5H37-FV8M...
CVE-2025-30594
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in samsk Include URL include-url allows Path Traversal.This issue affects Include URL: from n/a through = 0.3.5...
PT-2025-5448 · Unknown · Fv Thoughtful Comments
Name of the Vulnerable Software and Affected Versions: FV Thoughtful Comments versions 0.3.5 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For version...
PT-2022-9401 · Zip-Local · Zip-Local
Name of the Vulnerable Software and Affected Versions: zip-local versions prior to 0.3.5 Description: The issue allows for Arbitrary File Write via Archive Extraction, also known as Zip Slip, which can lead to the extraction of a crafted file outside the intended extraction directory. This can...
@abstract-os/abstract.js (>=0.2.0-beta.6.2 <=0.2.0-beta.6.3), @acme-wct/rental-math (=0.0.1) +854 more potentially affected by CVE-2013-4660 via js-yaml (>=0.3.5 <=2.0.4)
js-yaml NPM version =0.3.5, =0.2.0-beta.6.2, =1.0.7, =0.0.1, =0.0.1, =1.0.0-rc2, =1.1.29, =0.0.1, =0.0.1, =0.1.0 - @anywhere-ui/angular =0.3.0 and more Source cves: CVE-2013-4660 Source advisory: OSV:GHSA-XXVW-45RP-3MJ2...