This page collects WhisperX intelligence signals tagged #CVE-2021-44906. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
Datadog 的官方 Node.js 客户端库 `datadog-metrics` 的 0.8.1 版本被发现包含四个安全漏洞,其中最高严重性评分为 9.8 的“严重”级别。然而,漏洞扫描报告将这些漏洞标记为“不可达”,这一状态可能引发对依赖项安全评估真实风险的质疑。核心问题源于一个名为 `minimist` 的第三方库的过时版本,该库因原型污染漏洞(CVE-2021-44906)而臭名昭著,CVSS 评分高达 9.8。 具体而言,漏洞存在于 `[email protected]` 所依赖的 `[email protected]` 中。这是一个传递性依赖,意味着它并非由开发者直接引入,而是通过主库间接带入项目。报告明确指出,该...
A critical security flaw with a maximum severity score of 9.8 has been flagged within the build dependencies of the Shopware 6 administration interface. The vulnerability, CVE-2021-44906, resides in the transitive dependency `minimist-0.0.8.tgz`, which is pulled in by the library `pretty-2.0.0.tgz`. This library is use...