Updated translation files #11
Merged
NShiftKey / NShiftKey - open source vulnerability check
required action
Apr 17, 2024 in 1m 9s
Summary
- 15 security issue(s)
- High : 10
- Medium : 4
- Low : 1
Details
NShiftKey
-
tree-kill: 1.2.1
-
-
CVE-2019-15599 [CVE link] [ignore this]
- Description : Command Injection in tree-kill
- Description : Command Injection in tree-kill
-
-
-
moment: 2.24.0
-
-
CVE-2022-24785 [CVE link] [ignore this]
- Description : Path Traversal: 'dir/../../filename' in moment.locale
- Description : Path Traversal: 'dir/../../filename' in moment.locale
-
CVE-2022-31129 [CVE link] [ignore this]
- Description : Moment.js vulnerable to Inefficient Regular Expression Complexity
- Description : Moment.js vulnerable to Inefficient Regular Expression Complexity
-
CVE-2023-22467 [CVE link] [ignore this]
- Description : Moment.js vulnerable to Inefficient Regular Expression Complexity
- Description : Moment.js vulnerable to Inefficient Regular Expression Complexity
-
GHSA-3xq5-wjfh-ppjc [CVE link] [ignore this]
- Description : Moment.js vulnerable to Inefficient Regular Expression Complexity
- Description : Moment.js vulnerable to Inefficient Regular Expression Complexity
-
-
-
decompress: 4.2.0
-
-
CVE-2020-12265 [CVE link] [ignore this]
- Description : Path Traversal in decompress
- Description : Path Traversal in decompress
-
-
-
google-protobuf: 3.20.1
-
-
CVE-2022-3171 [CVE link] [ignore this]
- Description : A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
- Description : A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
-
-
-
semver: 7.3.2
- File
-
-
CVE-2022-25883 [CVE link] [ignore this]
- Description : semver vulnerable to Regular Expression Denial of Service
- Description : semver vulnerable to Regular Expression Denial of Service
-
-
arduino-ide-extension: 2.3.3
-
-
GHSA-7884-8cw4-qpgx [CVE link] [ignore this]
- Description : Malicious code in arduino-ide-extension (npm)
- Description : Malicious code in arduino-ide-extension (npm)
-
-
-
yaml: 1.10.2
-
-
CVE-2022-3064 [CVE link] [ignore this]
- Description : Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
- Description : Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
-
-
-
CVE-2021-4235 [CVE link] [ignore this]
- Description : Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
- Description : Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
-
-
-
node-fetch: 2.6.1
-
-
CVE-2022-0235 [CVE link] [ignore this]
- Description : node-fetch forwards secure headers to untrusted sites
- Description : node-fetch forwards secure headers to untrusted sites
-
-
Loading