7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.9 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.01 Low
EPSS
Percentile
83.7%
A vulnerability in the Browserify-sign cryptographic functionality duplication package is related to the
upper bound check in the dsaVerify() function. Exploitation of the vulnerability could allow an attacker,
acting remotely, to create signatures that can be successfully verified by any public key,
resulting in a signature forgery attack
A vulnerability in the implementation of the _.zipObjectDeep() method of the Lodash library is related to the allocation of unlimited
memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or execute arbitrary code.
or execute arbitrary code
A vulnerability in the MessagePack NodeJS/JavaScript msgpackr implementation is related to the ability for users to
to start hung threads by creating messages that looped the decoder. Exploiting the vulnerability
could allow an attacker acting remotely to cause a denial of service
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | opensearch-dashboards | <= 2.11.1-2 | UNKNOWN |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.9 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.01 Low
EPSS
Percentile
83.7%