Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-5484 | 5.0 |
Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via install command, which allows attackers to write arbitrary files when a malicious package is extracted.
|
28-02-2023 - 19:36 | 13-09-2019 - 18:15 | |
CVE-2019-5413 | 7.5 |
An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1.
|
09-10-2019 - 23:50 | 21-03-2019 - 16:01 | |
CVE-2017-16137 | 5.0 |
The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.
|
09-10-2019 - 23:24 | 07-06-2018 - 02:29 |