 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.10.2022.0103 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2022-0103) |
| Resumen: | The remote host is missing an update for the 'nodejs-tar' package(s) announced via the MGASA-2022-0103 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'nodejs-tar' package(s) announced via the MGASA-2022-0103 advisory. Vulnerability Insight: Untrusted tar file to symlink into an arbitrary location allowing file overwrites. (CVE-2021-37712) Arbitrary file creation/overwrite and arbitrary code execution. (CVE-2021-37701) Arbitrary File Creation/Overwrite vulnerability via insufficient symlink protection. (CVE-2021-32803) Arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization (CVE-2021-32804) Affected Software/OS: 'nodejs-tar' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2021-32803 https://github.com/npm/node-tar/security/advisories/GHSA-r628-mhmh-qjhw https://github.com/npm/node-tar/commit/9dbdeb6df8e9dbd96fa9e84341b9d74734be6c20 https://www.npmjs.com/advisories/1771 https://www.npmjs.com/package/tar https://www.oracle.com/security-alerts/cpuoct2021.html Common Vulnerability Exposure (CVE) ID: CVE-2021-32804 https://github.com/npm/node-tar/security/advisories/GHSA-3jfq-g458-7qm9 https://github.com/npm/node-tar/commit/1f036ca23f64a547bdd6c79c1a44bc62e8115da4 https://www.npmjs.com/advisories/1770 Common Vulnerability Exposure (CVE) ID: CVE-2021-37701 https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc Debian Security Information: DSA-5008 (Google Search) https://www.debian.org/security/2021/dsa-5008 https://lists.debian.org/debian-lts-announce/2022/12/msg00023.html Common Vulnerability Exposure (CVE) ID: CVE-2021-37712 https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |