pkg:npm/renovate

  1. Home
  2. Packages
  3. npm
  4. renovate
Type npm
Name renovate

Known advisories, vulnerabilities and fixes for renovate package.

Repository
https://www.npmjs.com/package/renovate
Moderate 3
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected >= 19.180.0, < 23.25.1 npm NPM:GHSA-36RH-GGPR-J3GJ Renovate vulnerable to Azure DevOps token leakage in logs moderate 2020-09-14T16:38:40
(3 years ago)
Fixed = 23.25.1 npm NPM:GHSA-36RH-GGPR-J3GJ Renovate vulnerable to Azure DevOps token leakage in logs moderate 2020-09-14T16:38:40
(3 years ago)
Affected >= 37.158.0, < 37.199.0 npm NPM:GHSA-RQGV-292V-5QGR Renovate vulnerable to arbitrary command injection via helmv3 manager and registryAliases moderate 2024-04-23T16:21:09
(3 months ago)
Fixed = 37.199.0 npm NPM:GHSA-RQGV-292V-5QGR Renovate vulnerable to arbitrary command injection via helmv3 manager and registryAliases moderate 2024-04-23T16:21:09
(3 months ago)
Affected >= 13.87.0, < 19.38.7 npm NPM:GHSA-V7X3-7HW7-PCJG Renovate vulnerable to leakage of temporary repository tokens into Pull Request comments moderate 2019-10-21T16:02:33
(4 years ago)
Fixed = 19.38.7 npm NPM:GHSA-V7X3-7HW7-PCJG Renovate vulnerable to leakage of temporary repository tokens into Pull Request comments moderate 2019-10-21T16:02:33
(4 years ago)