[ { "id": 709447716, "name": "CVE-2023-37478_npm_vs_pnpm", "full_name": "TrevorGKann\/CVE-2023-37478_npm_vs_pnpm", "owner": { "login": "TrevorGKann", "id": 43127252, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43127252?v=4", "html_url": "https:\/\/github.com\/TrevorGKann" }, "html_url": "https:\/\/github.com\/TrevorGKann\/CVE-2023-37478_npm_vs_pnpm", "description": "CVE-2023-37478 showcases how a difference in npm and pnpm install packages that could be exploited by a well crafted tar.gz packge. This repo shows a demo. ", "fork": false, "created_at": "2023-10-24T18:32:30Z", "updated_at": "2023-10-24T19:41:04Z", "pushed_at": "2023-10-25T22:36:59Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 714018337, "name": "CVE-2023-37478-Demo", "full_name": "li-minhao\/CVE-2023-37478-Demo", "owner": { "login": "li-minhao", "id": 55085686, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55085686?v=4", "html_url": "https:\/\/github.com\/li-minhao" }, "html_url": "https:\/\/github.com\/li-minhao\/CVE-2023-37478-Demo", "description": null, "fork": false, "created_at": "2023-11-03T18:26:52Z", "updated_at": "2023-11-03T18:29:22Z", "pushed_at": "2023-11-07T00:29:23Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 } ]