7 matches found
Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service due to Node.js cookiejar module ( CVE-2022-25901 )
Summary Node.js cookiejar module is used by IBM Cloud Pak for Data as part of the platform. CVE-2022-25901. Vulnerability Details CVEID:CVE-2022-25901 DESCRIPTION: Node.js cookiejar module is vulnerable to a denial of service, caused by an insecure regular expression in the Cookie.parse function....
[SECURITY] [DLA 3561-1] node-cookiejar security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3561-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 11, 2023 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DLA-3561-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.6.2 Vulnerability Details CVEID:CVE-2022-25901 DESCRIPTION: Node.js cookiejar module is vulnerable to a denial of service, caused by an insecure regular expression in the Cookie.parse function. A remote attack...
CVE-2022-25901
creationtimestamp| type| source ---|---|--- 2023-01-18 06:31:03+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-h452-7996-h45h...
CVE-2022-25901
Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service ReDoS via the Cookie.parse function, which uses an insecure regular expression...
CVE-2022-25901
CVE-2022-25901 affects the Node.js package cookiejar. The vulnerability is a denial of service (ReDoS) in Cookie.parse caused by an insecure regular expression, exploitable remotely to exhaust CPU. Public details confirm vulnerable versions include cookiejar before 2.1.4; affected products includ...