23 matches found
ROOT-APP-NPM-CVE-2023-44270 CVE-2023-44270 in @rootio/postcss - Patched by Root
Root has patched CVE-2023-44270 in the @rootio/postcss package for Root:npm. Multiple fixed versions available...
Fedora: Security Advisory (FEDORA-2024-6aa3b5248f)
The remote host is missing an update for the...
Important: Red Hat Security Advisory: RHODF-4.18-RHEL-9 enhancement, bug fix and security update
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.18.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
Linux Distros Unpatched Vulnerability : CVE-2023-44270
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS i...
Fedora: Security Advisory (FEDORA-2025-c17ef0f176)
The remote host is missing an update for the...
[SECURITY] [DLA 4003-1] node-postcss security update
Debian LTS Advisory DLA-4003-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès December 26, 2024 https://wiki.debian.org/LTS ...
Debian dla-4003 : node-postcss - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4003 advisory. Debian LTS Advisory DLA-4003-1 [email protected]...
Fedora: Security Advisory (FEDORA-2024-c4377d35e6)
The remote host is missing an update for the...
Fedora 41 : jupyterlab / python-notebook (2024-d335b971e7)
The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-d335b971e7 advisory. New jupyterlab and notebook fixing security vulnerabilities. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 40 : jupyterlab / python-notebook (2024-c4377d35e6)
The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-c4377d35e6 advisory. New jupyterlab and notebook fixing security vulnerabilities. Tenable has extracted the preceding description block directly from the Fedora security...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.7 security and extras update
Red Hat OpenShift Container Platform release 4.17.7 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a security impact of...
About the security content of macOS Sonoma 14.7.1
About the security content of macOS Sonoma 14.7.1 This document describes the security content of macOS Sonoma 14.7.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...
Security Bulletin: Vulnerability in PostCSS affects IBM Business Automation Workflow - CVE-2023-44270
Summary IBM Business Automation Workflow depends on a vulnerable version of PostCSS. Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: PostCSS could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a specially crafted external Cascadi...
Security Bulletin: postcss-8.4.14.tgz is vulnerable to CVE-2023-44270 used in IBM Maximo Application Suite - Edge Data Collector
Summary IBM Maximo Application Suite - Edge Data Collector uses postcss-8.4.14.tgz which is vulnerable to CVE-2023-44270 Vulnerability Details CVEID:CVE-2023-44270 DESCRIPTION: PostCSS could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a...
Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper...
Security Bulletin: IBM Event Processing is vulnerable to Improper Input Validation due to the PostCSS (CVE-2023-44270).
Summary Operator of IBM Event Processing is vulnerable to Improper Input Validation due to the postcss-8.4.21.tgz before 8.4.31. PostCSS is a tool for transforming CSS with JavaScript plugins and this is a dev dependency used by Event Processing Team. CVE-2023-44270. Vulnerability Details...
Security Bulletin: IBM Storage Fusion HCI may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)
Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion HCI's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described in the CVEs listed in the "Vulnerability Details" section. Vulnerabili...
Security Bulletin: IBM QRadar User Behavior Analytics uses components with known vulnerabilities (CVE-2023-44270, CVE-2023-45133)
Summary IBM QRadar User Behavior Analytics contains vulnerable packages/components that may be identified and potentially exploited. The packages have been updated in the latest release and the vulnerabilities identified in the CVEs have been addressed. Please follow the instructions in the...
CVE-2023-44270
creationtimestamp | type | source
---|---|---
2023-11-19 15:26:54+00:00 | seen | https://t.me/arpsyndicate/274
2025-11-12 15:46:39+00:00 | seen | https://gist.github.com/ABartelt/3b53780c272d06c4063cad9330eb4f50...
Security Bulletin: IBM Storage Fusion may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)
Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described in the CVEs listed in the "Vulnerability Details" section. Vulnerability...