Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-8r6j-v8pm-fqw3: Code injection in fsevents

fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project (that depends on fsevents) distributes code that was obtained from that URL at a time when it was controlled by an adversary.

ghsa
#amazon#git#java

Code injection in fsevents

Moderate severity GitHub Reviewed Published Oct 6, 2023 to the GitHub Advisory Database • Updated Oct 9, 2023

Related news

CVE-2023-45311: hugo-cloudflare-docs/package-lock.json at e0f7cfa195af8ef1bfa51a487be7d34ba298ed06 · cloudflare/hugo-cloudflare-docs

fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project (that depends on fsevents) distributes code that was obtained from that URL at a time when it was controlled by an adversary.

ghsa: Latest News

GHSA-8gc2-vq6m-rwjw: Amazon Redshift Python Connector vulnerable to SQL Injection