CloudIaC-web icon indicating copy to clipboard operation
CloudIaC-web copied to clipboard

Published 20 hours ago verified publisher icon idcos

Metadata

Cloud Infrastructure as Code of Web

Results 1 CloudIaC-web issues
Sort by recently updated
recently updated
newest added

同学,您这个项目引入了1180个开源组件,存在16个漏洞,辛苦升级一下

1 comment

检测到 idcos/CloudIaC-web 一共引入了1180个开源组件,存在16个漏洞 ``` 漏洞标题:Npm Node-tar 后置链接漏洞 缺陷组件:[email protected] 漏洞编号:CVE-2021-37701 漏洞描述:node-tar是一款用于文件压缩/解压缩的软件包。 Npm Node-tar 中存在后置链接漏洞,该漏洞源于产品未对特殊字符做有效验证。攻击者可通过该漏洞在其他路径创建恶意文件。 影响范围:[6.0.0, 6.1.7) 最小修复版本:6.1.7 缺陷组件引入路径:[email protected]>[email protected]>[email protected]>[email protected] [email protected]>[email protected]>[email protected]>[email protected]>[email protected] ``` 另外还有16个漏洞,详细报告:https://mofeisec.com/jr?p=aa0846

ghost avatar ghost

Metadata

18
Stars
5
Forks
Watchers

Owner

verified publisher icon idcos

Metadata

Cloud Infrastructure as Code of Web

Back