cortexso (>=0.0.54 <=0.5.0-43) potentially affected by unknown CVE via cpu-instructions (>=0.0.10 <=0.0.11)

cpu-instructions NPM version =0.0.10, =0.0.54, =0.5.0-43 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190838...

CVE-2020-4875

IBM Cognos Controller (versions 10.4.0, 10.4.1, 10.4.2) is affected by CVE-2020-4875: an XML External Entity Injection (XXE) when processing XML data, enabling a remote attacker to expose sensitive information or exhaust memory. Remediation is to upgrade to fixed builds: 10.4.0 IF11, 10.4.1 IF12,...