The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Node.js Modules ~ not comprehensive

Node.js rrgod: code execution via Malicious Package
An attacker can use a vulnerability via Malicious Package of Node.js rrgod, in order to run code...
VIGILANCE-VUL-28252
Node.js commander-js: code execution via Malicious Package
An attacker can use a vulnerability via Malicious Package of Node.js commander-js, in order to run code...
VIGILANCE-VUL-28251
Node.js generate-password: information disclosure via Weak PRNG
An attacker can bypass access restrictions to data via Weak PRNG of Node.js generate-password, in order to obtain sensitive information...
VIGILANCE-VUL-28199
Node.js rails-session-decoder: information disclosure via Unchecked Cookies MAC
An attacker can bypass access restrictions to data via Unchecked Cookies MAC of Node.js rails-session-decoder, in order to obtain sensitive information...
VIGILANCE-VUL-28127
Node.js jingo: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js jingo, in order to run JavaScript code in the context of the web site...
VIGILANCE-VUL-28059
Node.js cordova-plugin-ionic-webview: directory traversal
An attacker can traverse directories of Node.js cordova-plugin-ionic-webview, in order to read a file outside the service root path...
VIGILANCE-VUL-28038
Node.js underscore.string: denial of service via Regular Expression
An attacker can generate a fatal error via Regular Expression of Node.js underscore.string, in order to trigger a denial of service...
VIGILANCE-VUL-28017
Node.js knightjs: directory traversal
An attacker can traverse directories of Node.js knightjs, in order to read a file outside the service root path...
VIGILANCE-VUL-27991
Node.js tianma-static: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Node.js tianma-static, in order to run JavaScript code in the context of the web site...
VIGILANCE-VUL-27913
Node.js takeapeek: directory traversal
An attacker can traverse directories of Node.js takeapeek, in order to read a file outside the service root path...
VIGILANCE-VUL-27912
Our database contains other pages. You can request a free trial to read them.

Display information about Node.js Modules ~ not comprehensive: