Lucene search
K

17 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/25 3:16 p.m.11 views

Security Bulletin: A js-yaml-4.1.0.tgz vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI

Summary There is a vulnerability in js-yaml-4.1.0.tgz used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and...

5.3CVSS6.6AI score0.00414EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.5 views

Fedora 42 : yarnpkg (2026-b8aad5411e)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b8aad5411e advisory. Update vendor bundle. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

5.3CVSS6.7AI score0.00414EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/12 12:3 p.m.7 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Streams

Summary Multiple vulnerabilities were addressed in IBM Event Streams version 12.2.2 Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a...

7.5CVSS7.3AI score0.00414EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:4 p.m.8 views

Security Bulletin: Vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-64718)

Summary There are vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-64718. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In...

5.3CVSS5.5AI score0.00414EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/22 12:0 a.m.4 views

openSUSE 16 Security Update : cockpit-repos (openSUSE-SU-2026:20251-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20251-1 advisory. Update to version 4.7. Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of...

8.2CVSS6.5AI score0.01535EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/21 12:0 a.m.8 views

Security update for cockpit-repos (important)

openSUSE security update: security update for cockpit-repos ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20251-1 Rating: important References: bsc1255425 bsc1257325 Cross-References: CVE-2025-13465 CVE-2025-64718 CVSS scores: CVE-2025-13465 SUSE ...

8.8CVSS6.6AI score0.01535EPSS
Exploits0References2
OSV
OSV
added 2026/02/18 11:27 a.m.4 views

SUSE-SU-2026:20580-1 Security update for cockpit-repos

This update for cockpit-repos fixes the following issues: Update to version 4.7. Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325. - CVE-2025-64718: js-yaml prototype pollution in merge bsc1255425...

8.2CVSS5.8AI score0.01535EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2026/02/05 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2026:20182-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.4AI score0.00414EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2025/11/14 2:29 p.m.9 views

200-ok-boomer (>=2.0.0 <=2.1.0), 20190403-utils (=1.0.0) +10109 more potentially affected by CVE-2025-64718 via js-yaml (>=0.3.5 <=3.14.1)

js-yaml NPM version =0.3.5, =2.0.0, =1.0.0, =0.0.2, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.2.39, =0.0.1, =1.0.2, =2.0.3, =2.0.7 and more Source cves: CVE-2025-64718 Source advisory: OSV:GHSA-MH29-5H37-FV8M...

5.3CVSS6.2AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/14 2:29 p.m.8 views

02.aula (=1.0.0), 0xsodium (>=0.2.0 <=0.14.0) +7962 more potentially affected by CVE-2025-64718 via js-yaml (>=4.0.0 <=4.1.0)

js-yaml NPM version =4.0.0, =0.2.0, =0.0.3, =4.11.0, =0.0.1, =0.1.23, =0.1.4, =6.1.5, =0.2.0, =0.2.0, =1.0.0, =1.1.0 and more Source cves: CVE-2025-64718 Source advisory: OSV:GHSA-MH29-5H37-FV8M...

5.3CVSS6.2AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/13 4:42 p.m.9 views

02.aula (=1.0.0), 0xsodium (>=0.2.0 <=0.14.0) +7962 more potentially affected by CVE-2025-64718 via js-yaml (>=4.0.0 <=4.1.0)

js-yaml NPM version =4.0.0, =0.2.0, =0.0.3, =4.11.0, =0.0.1, =0.1.23, =0.1.4, =6.1.5, =0.2.0, =0.2.0, =1.0.0, =1.1.0 and more Source cves: CVE-2025-64718 Source advisory: SNYK:JS-JSYAML-13961110...

5.3CVSS6.2AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/13 4:42 p.m.7 views

org.webjars.npm:coveralls-next (=4.2.2) potentially affected by CVE-2025-64718 via org.webjars.npm:js-yaml (=4.1.0)

org.webjars.npm:js-yaml MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:js-yaml and may be impacted: - org.webjars.npm:coveralls-next =4.2.2 Source cves: CVE-2025-64718 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-13961...

5.3CVSS6.6AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/13 4:42 p.m.5 views

200-ok-boomer (>=2.0.0 <=2.1.0), 20190403-utils (=1.0.0) +6665 more potentially affected by CVE-2025-64718 via js-yaml (>=3.0.0 <=3.14.1)

js-yaml NPM version =3.0.0, =2.0.0, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.2.39, =0.0.1, =1.0.2, =2.0.3, =0.0.327, =0.0.308, =1.0.29, =1.0.30 and more Source cves: CVE-2025-64718 Source advisory: SNYK:JS-JSYAML-13961110...

5.3CVSS6.2AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/13 4:42 p.m.9 views

com.salesforce.perfeng.uiperf:ImageOptimization (=2.0.1), org.webjars:imagemin (>=0.4.6-1 <=3.1.0) +2 more potentially affected by CVE-2025-64718 via org.webjars:js-yaml (=3.0.2)

org.webjars:js-yaml MAVEN version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars:js-yaml and may be impacted: - com.salesforce.perfeng.uiperf:ImageOptimization =2.0.1 - org.webjars:imagemin =0.4.6-1, =0.1.0-1, =4.0.0 -...

5.3CVSS6.6AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/13 4:42 p.m.9 views

org.webjars.bowergithub.lostinbrittany:granite-yaml (=1.1.0) potentially affected by CVE-2025-64718 via org.webjars.bowergithub.nodeca:js-yaml (=3.14.1)

org.webjars.bowergithub.nodeca:js-yaml MAVEN version =3.14.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bowergithub.nodeca:js-yaml and may be impacted: - org.webjars.bowergithub.lostinbrittany:granite-yaml =1.1.0 Source cves:...

5.3CVSS6.6AI score0.00414EPSS
Exploits0
OSV
OSV
added 2025/11/13 4:15 p.m.1 views

DEBIAN-CVE-2025-64718

js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution proto. All users who parse untrusted yaml documents may be impacted. The problem is patched in...

5.3CVSS6.2AI score0.00414EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-64718

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a...

5.3CVSS6.3AI score0.00414EPSS
Exploits0References4
Rows per page
Query Builder