← Toutes les vulnérabilités

MEDIUMSupply chain

GHSA-3PVJ-JV98-QHJQ

npm · chrome-devtools-mcp

Résumé

Chrome DevTools for agents: daemon.pid write follows symlinks in /tmp fallback runtime directory

Références

Vulnérabilités liées

Tout Supply chain →

CRITICALGHSA-2JQ4-Q6VV-4CP3
Crawl4AI: Arbitrary file write (path traversal) in crawler downloads can lead to RCE
LOWGHSA-RVP7-W75Q-9FV2
BBOT: Symlink-Following Arbitrary Write via github_workflows Module
MEDIUMGHSA-Q6R4-3WMG-FWCQ
Podman: WORKDIR symlink traversal vulnerability
HIGHGHSA-7CX2-G3H9-382P
Crawl4AI: Arbitrary file write (symlink/TOCTOU) plus log and webhook-header injection in Docker server
MEDIUMGHSA-FW87-FV5R-9FPW
Hugo: Symlink confinement bypass in resources.Get
MEDIUMGHSA-Q59X-JC9F-GFQF
Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints