Количество 35
Количество 35
RLSA-2020:4272
Moderate: nodejs:12 security and bug fix update
ELSA-2020-4272
ELSA-2020-4272: nodejs:12 security and bug fix update (MODERATE)
openSUSE-SU-2020:1616-1
Security update for nodejs12
SUSE-SU-2020:2813-1
Security update for nodejs12
SUSE-SU-2020:2812-1
Security update for nodejs12
RLSA-2021:0548
Moderate: nodejs:10 security update
ELSA-2021-0548
ELSA-2021-0548: nodejs:10 security update (MODERATE)
openSUSE-SU-2020:1660-1
Security update for nodejs10
SUSE-SU-2020:2829-1
Security update for nodejs10
SUSE-SU-2020:2823-1
Security update for nodejs10
CVE-2020-15095
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files.
CVE-2020-15095
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files.
CVE-2020-15095
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files.
CVE-2020-15095
Versions of the npm CLI prior to 6.14.6 are vulnerable to an informati ...
openSUSE-SU-2020:1644-1
Security update for nodejs8
SUSE-SU-2020:2870-1
Security update for nodejs8
GHSA-93f3-23rq-pjfp
npm CLI exposing sensitive information through logs
CVE-2020-8116
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.
CVE-2020-8116
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.
CVE-2020-8116
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2020:4272 Moderate: nodejs:12 security and bug fix update | больше 4 лет назад | ||
| ELSA-2020-4272 ELSA-2020-4272: nodejs:12 security and bug fix update (MODERATE) | больше 4 лет назад | ||
 | openSUSE-SU-2020:1616-1 Security update for nodejs12 | больше 4 лет назад | ||
| SUSE-SU-2020:2813-1 Security update for nodejs12 | больше 4 лет назад | ||
| SUSE-SU-2020:2812-1 Security update for nodejs12 | больше 4 лет назад | ||
| RLSA-2021:0548 Moderate: nodejs:10 security update | больше 4 лет назад | ||
| ELSA-2021-0548 ELSA-2021-0548: nodejs:10 security update (MODERATE) | больше 4 лет назад | ||
| openSUSE-SU-2020:1660-1 Security update for nodejs10 | больше 4 лет назад | ||
| SUSE-SU-2020:2829-1 Security update for nodejs10 | больше 4 лет назад | ||
| SUSE-SU-2020:2823-1 Security update for nodejs10 | больше 4 лет назад | ||
 | CVE-2020-15095 Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files. | CVSS3: 4.4 | 0% Низкий | почти 5 лет назад |
 | CVE-2020-15095 Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files. | CVSS3: 4.4 | 0% Низкий | почти 5 лет назад |
 | CVE-2020-15095 Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files. | CVSS3: 4.4 | 0% Низкий | почти 5 лет назад |
| CVE-2020-15095 Versions of the npm CLI prior to 6.14.6 are vulnerable to an informati ... | CVSS3: 4.4 | 0% Низкий | почти 5 лет назад |
| openSUSE-SU-2020:1644-1 Security update for nodejs8 | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2020:2870-1 Security update for nodejs8 | 0% Низкий | больше 4 лет назад | |
| GHSA-93f3-23rq-pjfp npm CLI exposing sensitive information through logs | CVSS3: 4.4 | 0% Низкий | почти 5 лет назад |
| CVE-2020-8116 Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects. | CVSS3: 7.3 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8116 Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects. | CVSS3: 7.3 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8116 Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects. | CVSS3: 7.3 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу