Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-25758

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecur...

7.5CVSS6.7AI score0.01949EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.27 views

RHEL 8 : grafana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-underscore: Arbitrary code execution via the template function CVE-2021-23358 - node-fetch is...

7.5CVSS8.2AI score0.04087EPSS
Exploits5References6
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 6:38 p.m.178 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

8.1CVSS8.1AI score0.0714EPSS
Exploits7Affected Software1
Circl
Circl
added 2022/07/02 12:39 a.m.9 views

CVE-2022-25758

creationtimestamp| type| source ---|---|--- 2022-07-02 00:39:59+00:00| seen| https://t.me/cibsecurity/45532...

7.5CVSS6.5AI score0.01949EPSS
Exploits1References1
NVD
NVD
added 2022/07/01 8:15 p.m.30 views

CVE-2022-25758

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

7.5CVSS0.01949EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/07/01 8:1 p.m.26 views

CVE-2022-25758 Regular Expression Denial of Service (ReDoS)

All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...

5.3CVSS7.6AI score0.01949EPSS
Exploits1References3
CVE
CVE
added 2022/07/01 8:1 p.m.114 views

CVE-2022-25758

CVE-2022-25758 affects the scss-tokenizer package: every version is vulnerable to a ReDoS via loadAnnotation() caused by insecure regex. Exploitation is described as remote, enabling Denial of Service. Remediation is to upgrade IBM WebMethods Cloud Pak System components to supported versions; IBM...

7.5CVSS6.1AI score0.01949EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2022/01/13 4:29 p.m.7 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 08cms (=1.0.0) +17632 more potentially affected by CVE-2022-25758 via scss-tokenizer (>=0.1.2 <=0.4.2)

scss-tokenizer NPM version =0.1.2, =1.0.1, =1.0.4, =1.0.3, =0.2.0, =0.0.1, =0.1.0, =0.1.0, =0.1.276 - 5coder-pages =0.2.0 and more Source cves: CVE-2022-25758 Source advisory: SNYK:JS-SCSSTOKENIZER-2339884...

7.5CVSS6.7AI score0.01949EPSS
Exploits1
Rows per page
Query Builder