Linux Distros Unpatched Vulnerability : CVE-2018-12556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The signature verification routine in install.sh in yarnpkg/website through 2018-06-05 only verifies that the yarn release is signed by any arbitrary key in the...

Moderate: Red Hat Security Advisory: nodejs:12 security and bug fix update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

nodejs:12 security and bug fix update

An update is available for nodejs-nodemon, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for...

RLSA-2020:5499 Moderate: nodejs:12 security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs-y18n: prototype pollution vulnerability CVE-2020-7774 c-ares: aresparsea,aaaareply insufficient naddrttls validation DoS CVE-2020-8277...

Arbitrary File Write

yarn is vulnerable to arbitrary file write. A combination of symlink attack and directory traversal allows an attacker to write arbitrary files on the system when performing yarn install...