Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 5:10 p.m.30 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-29060 DESCRIPTION: Node.js Color-String module is vulnerable to a denial of service, caused by an error when the application is provided and checks a crafted invalid HWB string. By sendin...

5.3CVSS5.4AI score0.03134EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:27 p.m.21 views

Security Bulletin: Vulnerability in Node.js Color-String affects IBM Process Mining (CVE-2021-29060)

Summary There is a vulnerability in Node.js Color-String that could allow a local attacker to launch a dos attack. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2021-29060 DESCRIPTION:...

5.3CVSS5.7AI score0.03134EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/13 2:12 p.m.27 views

Security Bulletin: Vulnerability in Node.js Color-String affects IBM Cloud Pak System (CVE-2021-29060)

Summary Vulnerability in Node.js Color-String affect IBM Cloud Pak System. IBM Cloud Pak System has addressed vulnerability. Vulnerability Details CVEID:CVE-2021-29060 DESCRIPTION: Node.js Color-String module is vulnerable to a denial of service, caused by an error when the application is provide...

5.3CVSS5.5AI score0.03134EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/24 6:34 p.m.87 views

Security Bulletin: Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities

Summary Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities. IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-28469 DESCRIPTION: Node.js...

7.5CVSS1.1AI score0.2241EPSS
Exploits8Affected Software1
RedhatCVE
RedhatCVE
added 2021/06/22 4:29 p.m.71 views

CVE-2021-29060

A Regular Expression Denial of Service ReDOS vulnerability was found in Color-String, which occurs when the application is provided and checks a crafted invalid HWB string. The highest threat from this vulnerability is to system availability...

5.3CVSS3.5AI score0.03134EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2021/06/22 1:14 a.m.5 views

02-infrastructure (=1.0.0), 02vue_toast_demo (>=1.0.0 <=1.0.4) +13867 more potentially affected by CVE-2021-29060 via color-string (>=0.1.3 <=1.5.3)

color-string NPM version =0.1.3, =1.0.0, =1.0.4, =3.1.4, =5.0.0, =3.1.6, =0.0.1, =1.0.2, =2.0.0, =2.0.4 and more Source cves: CVE-2021-29060 Source advisory: OSV:GHSA-257V-VJ4P-3W2H...

5.3CVSS6.7AI score0.03134EPSS
Exploits1
OSV
OSV
added 2021/06/21 4:15 p.m.24 views

CVE-2021-29060

A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...

5.3CVSS5.2AI score0.03134EPSS
Exploits1References4
OSV
OSV
added 2021/06/21 4:15 p.m.3 views

UBUNTU-CVE-2021-29060

A Regular Expression Denial of Service ReDOS vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string...

5.3CVSS6.8AI score0.03134EPSS
Exploits1References6
CVE
CVE
added 2021/06/21 3:45 p.m.112 views

CVE-2021-29060

CVE-2021-29060 is a ReDOS in the Node.js color-string module (Color-String) triggered by crafted HWB strings, with IBM security bulletins stating IBM Process Mining and IBM QRadar-related deployments are affected. The vulnerability affects Color-String 1.5.5 and earlier; remediation is to upgrade...

5.3CVSS5.3AI score0.03134EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsv
added 2021/03/05 5:36 p.m.4 views

@apollosproject/apollos-cli (>=2.43.1 <=3.0.0-canary.57), @apollosproject/react-native-make (>=3.0.4 <=3.0.5) +22 more potentially affected by CVE-2021-29060 via color-string (>=1.2.0 <=1.5.3)

color-string NPM version =1.2.0, =2.43.1, =3.0.4, =3.0.2, =1.0.0, =2.1.2, =3.0.1, =2.4.0, =3.2.4, =0.0.0-alpha.1, =0.0.0, =0.0.0, =0.0.0, =0.0.3, =0.0.0, =0.0.7 and more Source cves: CVE-2021-29060 Source advisory: SNYK:JS-COLORSTRING-1082939...

5.3CVSS6.7AI score0.03134EPSS
Exploits1
Rows per page
Query Builder