VYPR

rpm package

opensuse/python-nbdime&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-nbdime&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2025-54798Aug 7, 2025
    affected < 4.0.2-23.1fixed 4.0.2-23.1

    tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4.

  • CVE-2025-7783CriJul 18, 2025
    affected < 4.0.2-21.1fixed 4.0.2-21.1

    Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.

  • CVE-2025-5889LowJun 9, 2025
    affected < 4.0.2-20.1fixed 4.0.2-20.1

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be l

  • CVE-2024-21538HigNov 8, 2024
    affected < 4.0.2-18.1fixed 4.0.2-18.1

    Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted