ROOT-APP-NPM-CVE-2026-2229 CVE-2026-2229 in @rootio/undici - Patched by Root

Root has patched CVE-2026-2229 in the @rootio/undici package for Root:npm. Multiple fixed versions available...

RHCOS 4 : OpenShift Container Platform 4.5.13 jenkins (RHSA-2020:3841)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3841 advisory. - jetty: double release of resource can lead to information disclosure CVE-2019-17638 - jenkins: user-specified tooltip values leads...

MINI-2229-PJX5-5FCF

Bulletin has no description...

RHEL 9 : nodejs:22 (RHSA-2026:7983)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7983 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

nodejs22 security update

An update is available for nodejs22. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a platform built on Chrome's JavaScript runtime \ for easily...

Important: Red Hat Security Advisory: nodejs:24 security update

An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2026-2229 vulnerabilities

Vulnerabilities for packages: pelias-api, librechat, jitsucom-jitsu, renovate, code-server, kibana...

@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +384 more potentially affected by CVE-2026-2229 via undici (>=7.0.0 <=7.22.0)

undici NPM version =7.0.0, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.2, =0.0.33, =0.0.1, =1.0.0, =21.0.0, =21.0.0, =0.5.0, =1.0.1, =12.6.9, =13.0.0-alpha.4 and more Source cves: CVE-2026-2229 Source advisory: OSV:GHSA-V9P9-HFJ2-HCW8...

@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +385 more potentially affected by CVE-2026-2229 via undici (>=7.0.0-alpha.3 <=7.22.0)

undici NPM version =7.0.0-alpha.3, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.2, =0.0.33, =0.0.1, =1.0.0, =21.0.0, =21.0.0, =0.5.0, =1.0.1, =12.6.9, =13.0.0-alpha.4 and more Source cves: CVE-2026-2229 Source advisory: SNYK:JS-UNDICI-15518070...

CVE-2026-2229

ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the servermaxwindowbits parameter in the permessage-deflate extension. When a WebSocket client connects to a server, it automatically advertises support for permessage-deflate compression. ...

CVE-2026-2229

creationtimestamp| type| source ---|---|--- 2026-03-12 20:16:25+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-2229 2026-03-12 20:35:36+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mgvasuufns2f 2026-03-12 21:36:37+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2022-2229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper authorization issue in GitLab CE/EE affecting all versions from 13.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows an...

CVE-2019-2229

In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8....

CVE-2025-2229

A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations...

CVE-2025-2229

creationtimestamp| type| source ---|---|--- 2025-03-13 19:42:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7482 2025-03-13 21:28:42+00:00| seen| https://t.me/cvedetector/20251 2025-03-13 22:36:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkc5tggxkc24 2025-03-14...

CVE-2025-2229 Philips Intellispace Cardiovascular (ISCV) Use of Weak Credentials

A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations...

CVE-2024-2229

CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution when a malicious project file is loaded into the application by a valid user...

CVE-2024-2229

creationtimestamp| type| source ---|---|--- 2024-03-18 17:27:10+00:00| seen| https://t.me/ctinow/210767 2024-03-18 17:32:15+00:00| seen| https://t.me/ctinow/210781...

CVE-2024-2229

CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution when a malicious project file is loaded into the application by a valid user...

CVE-2024-2229

Schneider Electric EcoStruxure Power Design - Ecodial (NL/INT/FR) is affected by a CWE-502 Deserialization of Untrusted Data vulnerability in the BinSerializer deserialization path. All versions of EcoStruxure Power Design - Ecodial are listed as affected; the issue could allow remote code execut...