28 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m., 2 views

MiracleLinux 9 : pcs-0.11.3-4.el9.3.ML.1 (AXSA:2023-5266:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5266:07 advisory. webpack: avoid cross-realm objects CVE-2023-28154 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Not...

9.8 CVSS, 8.4 AI score, 0.01421 EPSS
Exploits 0, References 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-33823

Malicious code in bioql PyPI...

9.8 CVSS, 7.7 AI score, 0.00974 EPSS
Exploits 0, References 3
IBM Security Bulletins
added 2023/12/29 2:27 p.m., 57 views

Security Bulletin: Vulnerabilities in node.js affect Cloud Pak System [CVE-2023-28154, CVE-2022-46175, CVE-2022-3517]

Summary Vulnerabilities in react-scripts node.js modules affect Cloud Pak System. Cloud Pak System has addressed those vulnerabilities. Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION: Webpack could allow a remote attacker to bypass security restrictions, caused by the mishandling of the...

9.8 CVSS, 9.3 AI score, 0.09304 EPSS
Exploits 1, Affected Software 1
Tenable Nessus
added 2023/07/20 12:0 a.m., 25 views

Oracle Linux 9 : pcs (ELSA-2023-12595)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12595 advisory. 0.11.4-7 - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices...

9.8 CVSS, 6.8 AI score, 0.0183 EPSS
Exploits 0, References 4
IBM Security Bulletins
added 2023/07/06 6:13 p.m., 23 views

Security Bulletin: IBM Watson Assistant for Cloud pak for Data is affected by vulnerabilities in Webpack [CVE-2023-28154]

Summary Potential security bypass vulnerability in Webpack has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. IBM has addressed this vulnerability. Refer to details for additional information. CVE-2023-28154 Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION:...

9.8 CVSS, 9.3 AI score, 0.01421 EPSS
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2023/06/01 8:27 p.m., 27 views

Security Bulletin: IBM Edge Application Manager has a vulnerability listed in CVE 2023-28154. IBM has addressed this vulnerability.

Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in CVE 2023-28154. Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION: Webpack could allow a remote attacker to bypass security restrictions, caused by the mishandling of the magic comment feature by the...

9.8 CVSS, 9.2 AI score, 0.01421 EPSS
Exploits 0, Affected Software 1
OSV
added 2023/05/25 7:53 p.m., 46 views

RLSA-2023:2652 Important: pcs security and bug fix update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: webpack: Regression of CVE-2023-28154 fixes in the Rocky Linux CVE-2023-2319 rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 rubygem-rack: denial of...

9.8 CVSS, 7 AI score, 0.0183 EPSS
Exploits 0, References 6
Tenable Nessus
added 2023/05/25 12:0 a.m., 29 views

Rocky Linux 9 : pcs (RLSA-2023:2652)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2652 advisory. - It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix...

9.8 CVSS, 6.8 AI score, 0.0183 EPSS
Exploits 0, References 9
NVD
added 2023/05/17 11:15 p.m., 20 views

CVE-2023-2319

It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 for PCS package, which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. Th...

9.8 CVSS, 9.4 AI score, 0.00974 EPSS
Exploits 0, References 3
Prion
added 2023/05/17 11:15 p.m., 27 views

Code injection

It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 for PCS package, which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. Th...

7.5 CVSS, 9.2 AI score, 0.01421 EPSS
Exploits 0, References 3, Affected Software 3
CVE
added 2023/05/17 12:0 a.m., 128 views

CVE-2023-2319

CVE-2023-28154 (Webpack ImportParserPlugin.js mishandling) is confirmed across multiple IBM and Red Hat related advisories in connected documents. The vulnerability could allow a remote attacker to bypass security restrictions or access the real global object. Concrete affected contexts include I...

9.8 CVSS, 9.2 AI score, 0.00974 EPSS
Exploits 0, References 3, Affected Software 1
Tenable Nessus
added 2023/05/14 12:0 a.m., 27 views

AlmaLinux 9 : pcs (ALSA-2023:2652)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2652 advisory. - It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix fo...

9.8 CVSS, 6.8 AI score, 0.0183 EPSS
Exploits 0, References 4
Tenable Nessus
added 2023/05/12 12:0 a.m., 24 views

RHEL 9 : pcs (RHSA-2023:2652)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2652 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: webpack:...

9.8 CVSS, 6.9 AI score, 0.0183 EPSS
Exploits 0, References 11
IBM Security Bulletins
added 2023/05/09 12:1 p.m., 30 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.4.6 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.4.6 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION: Webpack could allow a remote attacker to bypass security restrictions, caused by the mishandling of the magic comment featu...

9.8 CVSS, 7.1 AI score, 0.01831 EPSS
Exploits 1, Affected Software 1
Tenable Nessus
added 2023/04/24 12:0 a.m., 22 views

Fedora 37 : pcs (2023-cb2e422088)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-cb2e422088 advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...

9.8 CVSS, 8.1 AI score, 0.01421 EPSS
Exploits 0, References 2
Tenable Nessus
added 2023/04/24 12:0 a.m., 31 views

Fedora 38 : pcs (2023-4d546e6b4b)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-4d546e6b4b advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...

9.8 CVSS, 8.1 AI score, 0.01421 EPSS
Exploits 0, References 2
OpenVAS
added 2023/04/23 12:0 a.m., 21 views

Fedora: Security Advisory for pcs (FEDORA-2023-4d546e6b4b)

The remote host is missing an update for the...

9.8 CVSS, 9.6 AI score, 0.01421 EPSS
Exploits 0, References 2
IBM Security Bulletins
added 2023/04/11 12:52 p.m., 34 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to Webpack (CVE-2023-28154)

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to Webpack CVE-2023-28154 with details below. Vulnerability Details CVEID:CVE-2023-28154 DESCRIPTION: Webpack could allow a remote attacker to bypass security restrictions, caused by the mishandling o...

9.8 CVSS, 9.3 AI score, 0.01421 EPSS
Exploits 0, Affected Software 2
Tenable Nessus
added 2023/04/06 12:0 a.m., 41 views

Rocky Linux 9 : pcs (RLSA-2023:1591)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:1591 advisory. - Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a proper...

9.8 CVSS, 8 AI score, 0.01421 EPSS
Exploits 0, References 3
Tenable Nessus
added 2023/04/06 12:0 a.m., 25 views

Oracle Linux 9 : pcs (ELSA-2023-12235)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12235 advisory. 0.11.3-4.el91.3 - Fixed a vulnerability in pcs-web-ui-node-modules - Resolves: rhbz2179900 Tenable has extracted the preceding description block directly from...

9.8 CVSS, 8.1 AI score, 0.01421 EPSS
Exploits 0, References 2