VYPR

rpm package

opensuse/cockpit-agama&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/cockpit-agama&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

  • CVE-2023-28154Mar 13, 2023
    affected < 2.1+0-1.1fixed 2.1+0-1.1

    Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.