Description
Severity: LOW Target: /workspace/pepr/src/lib/assets/rbac.ts Endpoint: Kubernetes RBAC configuration Method: Deployment
Recommendation
Update the pepr package to the latest compatible version. Followings are version details:
- Affected version(s): < 1.0.5
- Patched version(s): 1.0.5
References
Related Issues
- ApostropheCMS has Arbitrary File Write (Zip Slip / Path Traversal) in Import-Export Gzip Extraction - CVE-2026-32731
- Feathers has a NoSQL Injection via WebSocket id Parameter in MongoDB Adapter - CVE-2026-29793
- Systeminformation has a Command Injection via unsanitized interface parameter in wifi.js retry path - CVE-2026-26280
- StudioCMS has Privilege Escalation via Insecure API Token Generation - CVE-2026-30944
- Tags:
- npm
- pepr
Anything's wrong? Let us know Last updated on January 16, 2026