Lucene search
K

80 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.8 views

Unity Linux 20.1070e Security Update: nodejs-minimist (UTSA-2026-016760)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016760 advisory. Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. Tenable has extracted the preceding description block directly...

9.8CVSS7AI score0.04581EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/02 2:29 p.m.5 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to prototype pollution due to the minimist package (CVE-2021-44906)

Summary Minimist is used by DataStage on Cloud Pak for Data as part of the command-line parsing functionality. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CWE:CWE-1321: Improperly...

9.8CVSS6.5AI score0.04581EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 4:12 p.m.3 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to CWE in management-console (CVE-2021-44906)

Summary IBM Storage Fusion Data Foundation is affected in management-console. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2021-44906. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow ...

9.8CVSS8.2AI score0.04581EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/16 8:23 p.m.42 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information CVE-2024-28849,...

9.8CVSS10AI score0.08515EPSS
Exploits13Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.40 views

CentOS 9 : nodejs-nodemon-2.0.20-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the nodejs- nodemon-2.0.20-2.el9 build changelog. - Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906 Note that Nessus has...

9.8CVSS7.3AI score0.04581EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.41 views

Rocky Linux 9 : nodejs and nodejs-nodemon (RLSA-2023:0321)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0321 advisory. - Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906 - A vulnerability was found in the...

9.8CVSS7.3AI score0.14024EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 12:47 p.m.42 views

Security Bulletin:Multiple Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center(CVE-2021-44906, CVE-2020-7598)

Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

9.8CVSS8.9AI score0.04581EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/27 9:13 p.m.45 views

Security Bulletin: IBM Cognos Analytics has addressed a vulnerability (CVE-2021-44906)

Summary IBM Cognos Analytics is vulnerable to arbitrary code execution in the node.js minimist module CVE-2021-44906 . This vulnerability has been addressed in IBM Cognos Analytics 11.2.4 FP2. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote...

9.8CVSS9.7AI score0.04581EPSS
Exploits1Affected Software1
Oracle linux
Oracle linux
added 2023/06/15 12:0 a.m.51 views

nodejs security update

1:16.19.1-2 - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 1:16.19.1-1 - Rebase to 16.19.1 - Resolves: rhbz2153714 - Resolves: CVE-2023-23918 CVE-2023-23919 CVE-2023-23936 CVE-2023-24807 CVE-2023-23920 - Resolves: CVE-2022-25881 CVE-2022-49...

9.8CVSS7AI score0.77766EPSS
Exploits10
RedHat Linux
RedHat Linux
added 2023/04/12 3:4 p.m.60 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.24928EPSS
Exploits11References19
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.36 views

RHEL 8 : nodejs:14 (RHSA-2023:1742)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1742 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.7AI score0.24928EPSS
Exploits11References36
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/04 6:18 p.m.113 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-22313 DESCRIPTION: IBM QRadar Dat...

9.8CVSS8.3AI score0.04581EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/04/02 12:0 a.m.42 views

RHEL 8 : nodejs:14 (RHSA-2023:1533)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1533 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.7AI score0.24928EPSS
Exploits8References26
RedHat Linux
RedHat Linux
added 2023/03/30 1:6 p.m.39 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.24928EPSS
Exploits8References14
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2023-0035)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.9AI score0.04581EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/03/01 10:2 p.m.6 views

minimist: prototype pollution

An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...

9.8CVSS6.8AI score0.04581EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.3 views

minimist: prototype pollution

An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...

9.8CVSS6.8AI score0.04581EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/03/01 9:45 p.m.39 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8

New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.8AI score0.99615EPSS
Exploits42References32
OSV
OSV
added 2023/02/07 12:6 a.m.16 views

MGASA-2023-0035 Updated nodejs-minimist packages fix security vulnerability

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906...

9.8CVSS9.4AI score0.04581EPSS
Exploits1References3
Mageia
Mageia
added 2023/02/07 12:6 a.m.158 views

Updated nodejs-minimist packages fix security vulnerability

Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906...

9.8CVSS3.5AI score0.04581EPSS
Exploits1References2
Rows per page
Query Builder