19 matches found
ROOT-APP-NPM-CVE-2026-42338 CVE-2026-42338 in @rootio/ip-address - Patched by Root
Root has patched CVE-2026-42338 in the @rootio/ip-address package for Root:npm. Multiple fixed versions available...
nodejs:22 security, bug fix, and enhancement update
An update is available for nodejs-packaging, module.nodejs-nodemon, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...
Important: Red Hat Security Advisory: nodejs:22 security, bug fix, and enhancement update
An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2026:35892 Important: nodejs:22 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...
Important: Red Hat Security Advisory: Kiali 2.17.10 for Red Hat OpenShift Service Mesh 3.2
Kiali 2.17.10 for Red Hat OpenShift Service Mesh 3.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: Red Hat Security Advisory: Kiali 2.4.19 for Red Hat OpenShift Service Mesh 3.0
Kiali 2.4.19 for Red Hat OpenShift Service Mesh 3.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338
Summary IBM Maximo Application Suite - Visual Inspection component uses ip-address-10.1.0.tgz which is vulnerable to CVE-2026-42338. This bulletin contains information regarding the vulnerability and its remediation Vulnerability Details CVEID:CVE-2026-42338 DESCRIPTION: ip-address is a library f...
CLEANSTART-2026-BE61221 Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0
Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Linux Distros Unpatched Vulnerability : CVE-2026-42338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group and Address6.link do not HTML-escape...
CVE-2026-42338 vulnerabilities
Vulnerabilities for packages: sqlpad, prism, kubeflow-pipelines, renovate, langfuse, opensearch-dashboards, tileserver-gl, pulumi, code-server, lerna, saf, npm...
CVE-2026-42338 vulnerabilities
Vulnerabilities for packages: tileserver-gl, langfuse-fips, saf, wazuh-dashboard-fips, opensearch-dashboards-fips, librechat, langfuse, drupal, kubeflow-pipelines, lerna, wazuh-dashboard, sqlpad, tileserver-gl-fips, opensearch-dashboards, prism, renovate, kibana, npm, pulumi, actions-runner,...
EUVD-2025-42338
Malicious code in putri-serabi47-miaww npm...
CVE-2024-42338
creationtimestamp| type| source ---|---|--- 2024-08-25 10:06:40+00:00| seen| https://t.me/cvedetector/4083...
CVE-2024-42338 CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor...
CVE-2021-42338
creationtimestamp| type| source ---|---|--- 2021-11-19 12:16:41+00:00| seen| https://t.me/cibsecurity/32682...
CVE-2021-42338
4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files...
CVE-2021-42338
The CVE-2021-42338 entry concerns 4MOSAn GCB Doctor’s login page, where improper validation of a cookie allows an unauthenticated remote attacker to bypass authentication via code injection in the cookie and to arbitrarily manipulate the system or disrupt services by uploading and executing arbit...
CVE-2021-42338 4MOSAn GCB Doctor - Improper Authorization
4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files...
CVE-2022-42338
CVE-2022-42338 is rejected/not used as stated in the initial description.