8 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-25758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecur...
RHEL 8 : grafana (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-underscore: Arbitrary code execution via the template function CVE-2021-23358 - node-fetch is...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
CVE-2022-25758
creationtimestamp| type| source ---|---|--- 2022-07-02 00:39:59+00:00| seen| https://t.me/cibsecurity/45532...
CVE-2022-25758
All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...
CVE-2022-25758 Regular Expression Denial of Service (ReDoS)
All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service ReDoS via the loadAnnotation function, due to the usage of insecure regex...
CVE-2022-25758
CVE-2022-25758 affects the scss-tokenizer package: every version is vulnerable to a ReDoS via loadAnnotation() caused by insecure regex. Exploitation is described as remote, enabling Denial of Service. Remediation is to upgrade IBM WebMethods Cloud Pak System components to supported versions; IBM...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 08cms (=1.0.0) +17632 more potentially affected by CVE-2022-25758 via scss-tokenizer (>=0.1.2 <=0.4.2)
scss-tokenizer NPM version =0.1.2, =1.0.1, =1.0.4, =1.0.3, =0.2.0, =0.0.1, =0.1.0, =0.1.0, =0.1.276 - 5coder-pages =0.2.0 and more Source cves: CVE-2022-25758 Source advisory: SNYK:JS-SCSSTOKENIZER-2339884...