Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 13 May 2014 09:36:35 +0800
From: Paul Wise <>
Subject: CVE request: various NodeJS module vulnerabilities

Hi all,

This is a request for CVEs for the following vulnerabilities discovered
by the Node Security Project. I left out their advisories where I could
find an assigned CVE;

CVE-2013-7370 CVE-2013-7371 CVE-2013-6393 CVE-2013-4660

printer potential command injection on untrusted input
hapi file descriptor leak can cause DoS vulnerability

marked multiple content injection vulnerabilities

st directory traversal

codem-transcode potential command injection in ffprobe functionality
Hubot Scripts Potential command injection in

Tomato API Admin Auth Weakness

ep_imageconvert unauthenticated remote command injection

potential command injection in libnotify.notify


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ