Directory Traversal

Overview Affected versions of wffserve resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory traversal

Overview Affected versions of pooledwebsocket resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...

ReDoS

Overview Affected versions of brace-expansion are vulnerable to a regular expression denial of service condition. Proof of Concept var expand = require'brace-expansion'; expand',,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,\n'; Recommendation...

Regular Expression Denial of Service

Overview Affected versions of decamelize are susceptible to a denial of service vulnerability when user input is passed directly into decamelize. Recommendation Update to version 1.1.2 or later. References - Issue 5 - GitHub Advisory...

Downloads Resources over HTTP

Overview Affected versions of jdf-sass insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

Downloads Resources over HTTP

Overview imageoptim is a Node.js wrapper for some images compression algorithms. imageoptim downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested tarball with an attacker controlled...

Command injection in json

Overview In versions of json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. Recommendation Upgrade to version 10.0.0 or later References - CVE - GitHub Advisory...

Regular Expression Denial of Service

Overview Affected versions of nwmatcher are vulnerable to Regular Expression Denial of Service ReDoS. This can cause an impact of about 10 seconds matching time for data 2k characters long. Recommendation Upgrade to version 1.4.4 or later References - WhiteSource Advisory - Snyk Advisory - GitHub...

Malicious Package

Overview All versions of http-proxy-middelware contain malicious code. The index.js file attempts to download a file from a remote server and execute it. The file is not run upon installation - the package needs to be required or the index.js run manually. The package contains a typo in its code...

Malicious Package

Overview From https://blog.sonatype.com/sonatype-spots-more-discord-malware-in-npm?hspreview=BbDPGbfh-40737456755: The malicious packages were detected by Sonatype’s Security Research Team leveraging Sonatype’s Nexus Intelligence research service. On analyzing these packages closely, our Security...

Prototype Pollution

Overview Versions of dot-prop before 4.2.1 or 5.1.1 are vulnerable to prototype pollution. The function set does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation Upgrade to...

Remote Code Execution

Overview Affected versions of electron may be susceptible to a remote code execution flaw when certain conditions are met: 1. The electron application is running on Windows. 2. The electron application registers as the default handler for a protocol, such as nodeapp://. This vulnerability is caus...

Chromium Remote Code Execution

Overview Affected versions of ElectronJS are susceptible to a remote code execution vulnerability that occurs when an affected application access remote content, even if the sandbox option is enabled. Recommendation Update to electron version 1.7.8 or later. References - Electron Blog - Chromium...

Regular Expression Denial of Service

Overview Affected versions of slug are vulnerable to a regular expression denial of service when parsing untrusted user input. The issue is low severity, as it takes 50,000 characters to cause the event loop to block for 2 seconds, About 50k characters can block the event loop for 2 seconds...

Regular Expression Denial of Service

Overview Affected versions of parsejson are vulnerable to a regular expression denial of service when parsing untrusted user input. Recommendation The parsejson package has not been functionally updated since it was initially released. Additionally, it provides functionality which is natively...

Directory Traversal

Overview Affected versions of calmquist.static-server resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the...

Directory Traversal

Overview Affected versions of serverhuwenhui resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...

Directory Traversal

Overview Affected versions of xtalk are vulnerable to directory traversal, allowing access to the filesystem by placing "../" in the URL. Proof of Concept GET /../../../../../../../../../../etc/passwd HTTP/1.1 host:localhost Recommendation No patch is currently available for this vulnerability, a...

Arbitrary File Read

Overview Affected versions of fury-adapter-swagger have a weakness that allows an attacker to read arbitrary files off of the system. This can be used to read sensitive data, or to cause a denial of service condition by attempting to read something like /dev/zero. Proof of Concept: --- swagger:...

Downloads Resources over HTTP

Overview Affected versions of prince insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on th...

UNIX Symbolic Link (Symlink) Following

Overview Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be...

UNIX Symbolic Link (Symlink) Following

Overview Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be...

Authorization Bypass

Overview admin/src/containers/InputModalStepperProvider/index.js in strapi before 3.2.5 has unwanted /proxy?url= functionality. Recommendation Upgrade to version 3.2.5 or later References - CVE - GitHub Advisory...

Prototype Pollution

Overview Versions of merge before 2.1.1 are vulnerable to Prototype Pollution via recursiveMerge . Recommendation Upgrade to version 2.1.1 or later References - CVE - GitHub Advisory...

Cross-Site Scripting (XSS)

Overview In docsify before version 4.12.0 it is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods: - When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking place in...

Prototype Override

Overview Affected versions of querystringify are vulnerable to Prototype Override. If a malicious string is inserted in the query string, it will set the tostring method of the object to the true boolean. Recommendation Upgrade to version 2.0.0 or later References - WhiteSource Advisory - Snyk...

Malicious Package

Overview All versions of nodetest199 contain malicious code. Upon installation the package opens a shell to a remote server. The package affects both Windows and nix systems. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets...

Directory Traversal

Overview Affected versions of reecerver resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal

Overview Affected versions of liuyaserver resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable syste...

Directory Traversal

Overview Affected versions of desafio resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal

Overview tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Example Request: GET /../../../../../../../../../../etc/passwd HTTP/1.1 host: localhost and server Response: HTTP/1.1 200 OK Date:...

Directory Traversal

Overview Affected versions of serverwzl resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal

Overview Affected versions of serveryztyzt resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...

Directory Traversal

Overview Affected versions of cyber-js resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Deserialization Code Execution

Overview Versions 2.0.4 and earlier of js-yaml are affected by a code execution vulnerability in the YAML deserializer. Proof of Concept const yaml = require'js-yaml'; const x = test: !!js/function function f console.log1; ; yaml.loadx; Recommendation Update js-yaml to version 2.0.5 or later, and...

Command Injection

Overview Impact Anyone using shescape to defend against shell injection may still be vulnerable against shell injection if the attacker manages to insert a null character into the payload. For example on Windows: javascript const cp = require"childprocess"; const shescape = require"shescape"; con...

Exposure of internal HTTP resources

Overview In highcharts-export-server before version 2.1.0 there is a vulnerability that allows exposure of internal HTTP resources. Impact The vulnerability allows for reading and outputting files served by other services on the internal network in which the export server is hosted. If the export...

Directory Traversal

Overview Impact Clients of FTP servers utilizing ftp-srv hosted on Windows machines can escape the FTP user's defined root folder using the expected FTP commands, for example, CWD and UPDR. Background When windows separators exist within the path , path.resolve leaves the upper pointers intact an...

Malicious Package

Overview The package xpc.js contained malicious code. The package ran a postinstall script that executes two.exe files containing Trojan malware. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

Prototype Pollution

Overview A prototype pollution vulnerability has been found in object-path = 0.11.0 is used, which has to be explicitly enabled by creating a new instance of object-path and setting the option includeInheritedProps: true, or by using the default withInheritedProps instance. The default operating...

Directory Traversal

Overview Affected versions of nodeload-nmickuli resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...

Regular Expression Denial of Service

Overview Affected versions of minimatch are vulnerable to regular expression denial of service attacks when user input is passed into the pattern argument of minimatchpath, pattern. Proof of Concept var minimatch = require“minimatch”; // utility function for generating long strings var genstr =...

Regular Expression Denial Of Service

Overview Affected versions of uri-js is susceptible to a regular expression denial of service vulnerability when user input is sent to the .parse method. Recommendation Update to v3.0.0 or later. References - Issue 12 - GitHub Advisory...

Code Injection

Overview oauth2-server aka node-oauth2-server through 3.1.1 implements OAuth 2.0 without PKCE. It does not prevent authorization code injection. This is similar to CVE-2020-7692. NOTE: the vendor states 'As RFC7636 is an extension, I think the claim in the Readme of "RFC 6749 compliant" is valid...

Regular Expression Denial of Service

Overview Affected versions of mime are vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input. Recommendation Update to version 2.0.3 or later. References - Issue 167 - GitHub Advisory...

Directory Traversal

Overview Affected versions of serverabc resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal

Overview Affected versions of quickserver resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable syste...

Directory Traversal

Overview Affected versions of susu-sum resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal

Overview Affected versions of sgqserve resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal

Overview Affected versions of looppake resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...