
23 matches found

OSV
added 2026/06/24 9:9 a.m. | 4 views

ROOT-APP-NPM-CVE-2023-44270 CVE-2023-44270 in @rootio/postcss - Patched by Root

Root has patched CVE-2023-44270 in the @rootio/postcss package for Root:npm. Multiple fixed versions available...

CVSS 5.3 | AI score 8.2 | EPSS 0.00822
Exploits 0

OpenVAS
added 2025/05/26 12:0 a.m. | 7 views

Fedora: Security Advisory (FEDORA-2024-6aa3b5248f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.1 | AI score 9.8 | EPSS 0.00822
Exploits 1 | References 6

RedHat Linux
added 2025/03/11 9:16 a.m. | 26 views

Important: Red Hat Security Advisory: RHODF-4.18-RHEL-9 enhancement, bug fix and security update

Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.18.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

CVSS 9.1 | AI score 6.8 | EPSS 0.03092
Exploits 2 | References 67

Tenable Nessus
added 2025/03/05 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2023-44270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS i...

CVSS 5.3 | AI score 6.4 | EPSS 0.00822
Exploits 0 | References 3

OpenVAS
added 2025/01/31 12:0 a.m. | 20 views

Fedora: Security Advisory (FEDORA-2025-c17ef0f176)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 7.5 | EPSS 0.8833
Exploits 17 | References 9

Debian
added 2024/12/26 10:44 p.m. | 18 views

[SECURITY] [DLA 4003-1] node-postcss security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4003-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès December 26, 2024 https://wiki.debian.org/LTS -...

CVSS 5.5 | AI score 5.9 | EPSS 0.00822
Exploits 1

Tenable Nessus
added 2024/12/26 12:0 a.m. | 16 views

Debian dla-4003 : node-postcss - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4003 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4003-1 [email protected]...

CVSS 5.5 | AI score 6.6 | EPSS 0.00822
Exploits 1 | References 8

OpenVAS
added 2024/12/17 12:0 a.m. | 18 views

Fedora: Security Advisory (FEDORA-2024-c4377d35e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.1 | AI score 7.5 | EPSS 0.00822
Exploits 1 | References 6

Tenable Nessus
added 2024/12/17 12:0 a.m. | 9 views

Fedora 41 : jupyterlab / python-notebook (2024-d335b971e7)

The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-d335b971e7 advisory. New jupyterlab and notebook fixing security vulnerabilities. Tenable has extracted the preceding description block directly from the Fedora security...

CVSS 6.1 | AI score 6.8 | EPSS 0.00822
Exploits 1 | References 3

Tenable Nessus
added 2024/12/17 12:0 a.m. | 11 views

Fedora 40 : jupyterlab / python-notebook (2024-c4377d35e6)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-c4377d35e6 advisory. New jupyterlab and notebook fixing security vulnerabilities. Tenable has extracted the preceding description block directly from the Fedora security...

CVSS 6.1 | AI score 6.8 | EPSS 0.00822
Exploits 1 | References 3

RedHat Linux
added 2024/12/03 8:24 a.m. | 23 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.7 security and extras update

Red Hat OpenShift Container Platform release 4.17.7 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a security impact of...

CVSS 5.3 | AI score 6.7 | EPSS 0.00822
Exploits 0 | References 2

Apple
added 2024/10/28 12:0 a.m. | 106 views

About the security content of macOS Sonoma 14.7.1

About the security content of macOS Sonoma 14.7.1 This document describes the security content of macOS Sonoma 14.7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...

CVSS 9.3 | AI score 7.4 | EPSS 0.01021
Exploits 1 | References 1 | Affected Software 1

IBM Security Bulletins
added 2024/04/02 6:43 a.m. | 26 views

Security Bulletin: Vulnerability in PostCSS affects IBM Business Automation Workflow - CVE-2023-44270

Summary IBM Business Automation Workflow depends on a vulnerable version of PostCSS. Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: PostCSS could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a specially crafted external Cascadi...

CVSS 5.3 | AI score 5.5 | EPSS 0.00822
Exploits 0 | Affected Software 2

IBM Security Bulletins
added 2024/03/05 9:13 a.m. | 33 views

Security Bulletin: postcss-8.4.14.tgz is vulnerable to CVE-2023-44270 used in IBM Maximo Application Suite - Edge Data Collector

Summary IBM Maximo Application Suite - Edge Data Collector uses postcss-8.4.14.tgz which is vulnerable to CVE-2023-44270 Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: PostCSS could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a...

CVSS 5.3 | AI score 5.5 | EPSS 0.00822
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2024/02/14 6:50 p.m. | 38 views

Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper...

CVSS 9.3 | AI score 8.3 | EPSS 0.02761
Exploits 3 | Affected Software 1

IBM Security Bulletins
added 2024/01/24 10:2 a.m. | 35 views

Security Bulletin: IBM Event Processing is vulnerable to Improper Input Validation due to the PostCSS (CVE-2023-44270).

Summary Operator of IBM Event Processing is vulnerable to Improper Input Validation due to the postcss-8.4.21.tgz before 8.4.31. PostCSS is a tool for transforming CSS with JavaScript plugins and this is a dev dependency used by Event Processing Team. CVE-2023-44270. Vulnerability Details...

CVSS 5.3 | AI score 5.5 | EPSS 0.00822
Exploits 0 | Affected Software 1

IBM Security Bulletins
added 2023/12/21 5:24 p.m. | 67 views

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)

Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion HCI's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described in the CVEs listed in the "Vulnerability Details" section. Vulnerabili...

CVSS 9.3 | AI score 8.8 | EPSS 0.02761
Exploits 1 | Affected Software 1

IBM Security Bulletins
added 2023/12/05 11:32 a.m. | 21 views

Security Bulletin: IBM QRadar User Behavior Analytics uses components with known vulnerabilities (CVE-2023-44270, CVE-2023-45133)

Summary IBM QRadar User Behavior Analytics contains vulnerable packages/components that may be identified and potentially exploited. The packages have been updated in the latest release and the vulnerabilities identified in the CVEs have been addressed. Please follow the instructions in the...

CVSS 9.3 | AI score 8.3 | EPSS 0.00822
Exploits 0 | Affected Software 1

Circl
added 2023/11/19 3:26 p.m. | 13 views

CVE-2023-44270

creationtimestamp | type | source
---|---|---
2023-11-19 15:26:54+00:00 | seen | https://t.me/arpsyndicate/274
2025-11-12 15:46:39+00:00 | seen | https://gist.github.com/ABartelt/3b53780c272d06c4063cad9330eb4f50...

CVSS 5.3 | AI score 6.4 | EPSS 0.00822
Exploits 0 | References 2

IBM Security Bulletins
added 2023/11/16 9:37 p.m. | 45 views

Security Bulletin: IBM Storage Fusion may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)

Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described in the CVEs listed in the "Vulnerability Details" section. Vulnerability...

CVSS 9.3 | AI score 8.8 | EPSS 0.02761
Exploits 1 | Affected Software 1