Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/08/08 6:16 p.m.21 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service due to Node.js cookiejar module ( CVE-2022-25901 )

Summary Node.js cookiejar module is used by IBM Cloud Pak for Data as part of the platform. CVE-2022-25901. Vulnerability Details CVEID:CVE-2022-25901 DESCRIPTION: Node.js cookiejar module is vulnerable to a denial of service, caused by an insecure regular expression in the Cookie.parse function....

7.5CVSS8AI score0.01546EPSS
Exploits1Affected Software1
Debian
Debian
added 2023/09/12 1:0 a.m.26 views

[SECURITY] [DLA 3561-1] node-cookiejar security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3561-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 11, 2023 https://wiki.debian.org/LTS -...

7.5CVSS6.3AI score0.01546EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/09/12 12:0 a.m.30 views

Debian: Security Advisory (DLA-3561-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01546EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/24 7:49 p.m.41 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.6.2 Vulnerability Details CVEID:CVE-2022-25901 DESCRIPTION: Node.js cookiejar module is vulnerable to a denial of service, caused by an insecure regular expression in the Cookie.parse function. A remote attack...

9.8CVSS9.3AI score0.28839EPSS
Exploits12Affected Software1
Circl
Circl
added 2023/01/18 6:31 a.m.7 views

CVE-2022-25901

creationtimestamp| type| source ---|---|--- 2023-01-18 06:31:03+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-h452-7996-h45h...

7.5CVSS6.7AI score0.01546EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/18 5:0 a.m.11 views

CVE-2022-25901

Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service ReDoS via the Cookie.parse function, which uses an insecure regular expression...

5.3CVSS7.7AI score0.01546EPSS
Exploits1References6
CVE
CVE
added 2023/01/18 5:0 a.m.114 views

CVE-2022-25901

CVE-2022-25901 affects the Node.js package cookiejar. The vulnerability is a denial of service (ReDoS) in Cookie.parse caused by an insecure regular expression, exploitable remotely to exhaust CPU. Public details confirm vulnerable versions include cookiejar before 2.1.4; affected products includ...

7.5CVSS6.2AI score0.01546EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder