CVE-2026-42461

creationtimestamp| type| source ---|---|--- 2026-05-09 05:12:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlfibxtzg32e...

Linux Distros Unpatched Vulnerability : CVE-2024-42461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. CVE-2024-42461 Note that Nessus relie...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Elliptic module

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Elliptic module Vulnerability Details CVEID:CVE-2024-42461 DESCRIPTION: Node.js Elliptic module could allow a remote attacker to obtain sensitive information, caused by a flaw with BER-encoded signatures are allowed. By...

Security Bulletin: IBM QRadar Deployment Intelligence app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM QRadar Deployment Intelligence app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-42461 DESCRIPTION: Node.js...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.8.8 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.8.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

Important: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.3.8 bug fixes and container updates

Multicluster Engine for Kubernetes 2.3.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.5 bug fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.9.5 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

Moderate: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.5.7 security updates and bug fixes

Multicluster Engine for Kubernetes 2.5.7 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CBL Mariner 2.0 Security Update: reaper (CVE-2024-42461)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42461 advisory. - In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signature...

CVE-2024-42461 affecting package reaper for versions less than 3.1.1-11

CVE-2024-42461 affecting package reaper for versions less than 3.1.1-11. A patched version of the package is available...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.10 security update

Red Hat OpenShift Service Mesh Containers for 2.4.10 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboard operands that use COS S3 storage are vulnerable to loss of confidentiality [CVE-2024-42459] [CVE-2024-42460] [CVE-2024-42461]

Summary Node.js Elliptic module is used by IBM App Connect Enterprise Certified Container for encription and signature validation in communication between a Dashboard and COS S3 storage. IBM App Connect Enterprise Certified Container Dashboard operands that use COS S3 storage for storing bar file...

CVE-2024-42461

creationtimestamp| type| source ---|---|--- 2024-08-02 09:50:11+00:00| seen| https://t.me/cvedetector/2330 2024-08-06 22:20:33+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8189...

AZL-47425 CVE-2024-42461 affecting package reaper for versions less than 3.1.1-11

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed...

CVE-2024-42461

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed...

CVE-2024-42461

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed...

CVE-2023-42461

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised...

CVE-2023-42461 SQL injection in ITIL actors in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised...

CVE-2023-42461 SQL injection in ITIL actors in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. The ITIL actors input field from the Ticket form can be used to perform a SQL injection. Users are advised...

CVE-2023-42461

GLPI (Gestionnaire Libre de Parc Informatique) has an SQL injection vulnerability (CVE-2023-42461) in the ticket/search path where the ITIL actor input field in the Ticket form can be exploited. This affects GLPI versions prior to 10.0.13; an authenticated user can abuse the vulnerable query, pot...