Nodejs resource management error vulnerability
Denial of Service
Nodejs is a JavaScript running environment based on the Chrome V8 engine. By encapsulating the Chrome 8 engine and using event driven and non blocking IO applications, it is possible for Javascript to develop high-performance background applications. There is a security vulnerability in nodejs global parent, which originates from the denial of service of regular expression.
Qt security vulnerability
Qt is a cross platform C++application development framework of Qt Company in Norway. It is widely used to develop GUI programs, and in this case, it is also called part toolbox. It can also be used to develop non GUI programs, such as console tools and servers. Qt on Linux and UNIX platforms from 5.9. x to 5.15.8 and before 6.2.4 has a security vulnerability. The vulnerability is due to QProcess's ability to execute binary files from the current working directory when it cannot be found in the path..
Qt path traversal vulnerability
path traversal
Qt is a cross platform C++application development framework of Qt Company in Norway. It is widely used to develop GUI programs, and in this case, it is also called part toolbox. It can also be used to develop non GUI programs, such as console tools and servers. Qt before 5.15.8 and 6. X to 6.2.3 has a security vulnerability. The vulnerability is due to the lack of directory restrictions on the software, which can load system library files from an unexpected working directory. At present, no detailed vulnerability details are provided.
Async security vulnerability
Prototype contamination
Async is a practical module developed by Caolan McMahon in the UK. Used to use asynchronous JavaScript. Async 3.2.1 and earlier has a security vulnerability, which originates from the mapValues() method. An attacker can gain privileges through the mapValues() method.
Trim newlines security vulnerability
Denial of Service
Trim newlines is an npm package that modifies line breaks. There is a security vulnerability in trim newlines, which is due to the related problem with the. end() method applied to Node.js in 3.0.1, 4.0.1 and earlier versions.
No more
Loading failed, please refresh the page