VYPR

rpm package

opensuse/cockpit-d-installer&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/cockpit-d-installer&distro=openSUSE%20Tumbleweed

Vulnerabilities (1)

  • CVE-2023-28154Mar 13, 2023
    affected < 0.8.1~1-5.1fixed 0.8.1~1-5.1

    Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.