Lucene search
K

19 matches found

OSV
OSV
added yesterday12 views

ROOT-APP-NPM-CVE-2026-42338 CVE-2026-42338 in @rootio/ip-address - Patched by Root

Root has patched CVE-2026-42338 in the @rootio/ip-address package for Root:npm. Multiple fixed versions available...

6.1CVSS5.8AI score0.00471EPSS
Exploits1
Rockylinux
Rockylinux
added 2026/07/07 12:3 a.m.9 views

nodejs:22 security, bug fix, and enhancement update

An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

9.8CVSS7.1AI score0.02806EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/07/06 3:7 p.m.8 views

Important: Red Hat Security Advisory: nodejs:22 security, bug fix, and enhancement update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References15
OSV
OSV
added 2026/07/06 12:0 a.m.8 views

ALSA-2026:35892 Important: nodejs:22 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...

9.8CVSS7.1AI score0.02806EPSS
Exploits1References28
RedHat Linux
RedHat Linux
added 2026/06/29 5:10 p.m.7 views

Important: Red Hat Security Advisory: Kiali 2.17.10 for Red Hat OpenShift Service Mesh 3.2

Kiali 2.17.10 for Red Hat OpenShift Service Mesh 3.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.6CVSS6.8AI score0.01041EPSS
Exploits9References14
RedHat Linux
RedHat Linux
added 2026/06/29 4:36 p.m.16 views

Important: Red Hat Security Advisory: Kiali 2.4.19 for Red Hat OpenShift Service Mesh 3.0

Kiali 2.4.19 for Red Hat OpenShift Service Mesh 3.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.6CVSS6.8AI score0.01041EPSS
Exploits8References13
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 3:55 p.m.8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338

Summary IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338. This bulletin contains information regarding the vulnerability and its remediation Vulnerability Details CVEID:CVE-2026-42338 DESCRIPTION: ip-address is a library f...

8.1CVSS6.6AI score0.00471EPSS
Exploits1Affected Software1
OSV
OSV
added 2026/05/18 1:36 p.m.120 views

CLEANSTART-2026-BE61221 Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0

Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.5AI score0.01815EPSS
Exploits29References164
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-42338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group and Address6.link do not HTML-escape...

8.1CVSS6.7AI score0.00471EPSS
Exploits1References3
Wolfi
Wolfi
added 2026/05/07 2:1 a.m.21 views

CVE-2026-42338 vulnerabilities

Vulnerabilities for packages: sqlpad, prism, kubeflow-pipelines, renovate, langfuse, opensearch-dashboards, tileserver-gl, pulumi, code-server, lerna, saf, npm...

8.1CVSS7AI score0.00471EPSS
Exploits1
Chainguard
Chainguard
added 2026/05/07 1:17 a.m.15 views

CVE-2026-42338 vulnerabilities

Vulnerabilities for packages: tileserver-gl, langfuse-fips, saf, wazuh-dashboard-fips, opensearch-dashboards-fips, librechat, langfuse, drupal, kubeflow-pipelines, lerna, wazuh-dashboard, sqlpad, tileserver-gl-fips, opensearch-dashboards, prism, renovate, kibana, npm, pulumi, actions-runner,...

8.1CVSS7AI score0.00471EPSS
Exploits1
EUVD
EUVD
added 2025/11/10 5:18 a.m.0 views

EUVD-2025-42338

Malicious code in putri-serabi47-miaww npm...

6.6AI score
Exploits0
Circl
Circl
added 2024/08/25 10:6 a.m.8 views

CVE-2024-42338

creationtimestamp| type| source ---|---|--- 2024-08-25 10:06:40+00:00| seen| https://t.me/cvedetector/4083...

4.3CVSS4.8AI score0.0029EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/25 7:7 a.m.20 views

CVE-2024-42338 CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor...

4.3CVSS0.0029EPSS
Exploits0References1
Circl
Circl
added 2021/11/19 12:16 p.m.7 views

CVE-2021-42338

creationtimestamp| type| source ---|---|--- 2021-11-19 12:16:41+00:00| seen| https://t.me/cibsecurity/32682...

10CVSS8.7AI score0.05628EPSS
Exploits0References1
NVD
NVD
added 2021/11/19 9:15 a.m.26 views

CVE-2021-42338

4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files...

10CVSS0.05628EPSS
Exploits0References1
CVE
CVE
added 2021/11/19 9:5 a.m.62 views

CVE-2021-42338

The CVE-2021-42338 entry concerns 4MOSAn GCB Doctor’s login page, where improper validation of a cookie allows an unauthenticated remote attacker to bypass authentication via code injection in the cookie and to arbitrarily manipulate the system or disrupt services by uploading and executing arbit...

10CVSS10AI score0.05628EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/19 9:5 a.m.29 views

CVE-2021-42338 4MOSAn GCB Doctor - Improper Authorization

4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files...

9.8CVSS10AI score0.05628EPSS
Exploits0References1
CVE
CVE
added 1976/01/01 12:0 a.m.16 views

CVE-2022-42338

CVE-2022-42338 is rejected/not used as stated in the initial description.

6.8AI score
Exploits0
Rows per page
Query Builder