Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 3:13 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in lodash-4.17.21.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in lodash-4.17.21.tgz Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can pass crafted paths which...

8.2CVSS6.2AI score0.01535EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 7:28 p.m.14 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a...

7.5CVSS5.8AI score0.02591EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 3:26 p.m.11 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in uuid-3.3.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in uuid-3.3.2.tgz Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which ...

3.2CVSS5.8AI score0.00138EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 3:9 p.m.13 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in follow-redirects-1.15.11.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in follow-redirects-1.15.11.tgz Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior to 1.16.0,...

7.5CVSS7.3AI score0.00486EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/18 3:29 p.m.11 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.6.1-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.6.1-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-33155 DESCRIPTION: DeepDiff is a project focused on Deep Difference and search of any Python data. From version 5.0.0 to before version 8.6.2, the pickle...

8.7CVSS5.7AI score0.00452EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/07 7:43 p.m.10 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in multer-2.0.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in multer-2.0.2.tgz Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of...

8.7CVSS5.8AI score0.00663EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/29 5:26 p.m.5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar Vulnerability Details CVEID:CVE-2024-52980 DESCRIPTION: A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cau...

6.5CVSS5.3AI score0.00467EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/28 10:45 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in werkzeug-3.1.5-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in werkzeug-3.1.5-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-27199 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as...

6.3CVSS5.2AI score0.00556EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/28 7:28 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in multer-2.0.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in multer-2.0.2.tgz Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of...

8.7CVSS5.3AI score0.00713EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2025/04/18 3:2 p.m.10 views

@andesite-lab/andesite-core (=1.60.2), @bechara/crux (>=6.0.0 <=6.6.2) +137 more potentially affected by CVE-2025-32442 via fastify (>=5.0.0 <=5.3.1)

fastify NPM version =5.0.0, =6.0.0, =0.2.305, =1.0.6, =1.0.11, =1.9.4, =2.0.0, =1.6.0, =1.6.0, =1.6.0, =1.6.0, =1.6.0, =1.6.0, =1.8.3 - @citrineos/ocpi-base =2.0.1 - @citrineos/ocpi-cdrs =2.0.1 and more Source cves: CVE-2025-32442 Source advisory: OSV:GHSA-MG2H-6X62-WPWC...

7.5CVSS7AI score0.00635EPSS
Exploits1
Rows per page
Query Builder