Lucene search
K

30 matches found

OSV
OSV
added 2026/06/04 7:40 p.m.6 views

ROOT-APP-NPM-CVE-2024-29041 CVE-2024-29041 in @rootio/express - Patched by Root

Root has patched CVE-2024-29041 in the @rootio/express package for Root:npm. Multiple fixed versions available...

6.1CVSS7.6AI score0.00786EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 5:57 p.m.11 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in express-4.17.3.tgz

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of express-4.17.3.tgz Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affecte...

6.1CVSS6.4AI score0.00786EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/06/20 12:0 a.m.3 views

Ubuntu: Security Advisory (USN-7581-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS9.4AI score0.00786EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/19 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Express vulnerabilities (USN-7581-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7581-1 advisory. It was discovered that Express incorrectly handled certain URLs, leading to an open redirect...

6.1CVSS5.6AI score0.00786EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/13 11:15 p.m.14 views

Security Bulletin: IBM DataStage on Cloud Pak for Data is vulnerable to a phishing attack due to the ExpressJS package (CVE-2024-29041)

Summary ExpressJS is used by IBM DataStage on Cloud Pak for Data as part of the web application framework. Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker...

6.1CVSS6.5AI score0.00786EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-29041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open...

6.1CVSS6.3AI score0.00786EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.28 views

Security Bulletin: PVR0501342 [Express - CVE-2024-29041 (Publicly disclosed vulnerability) ]

Summary This Security Bulletin is created to reflect the remedian done for PVR0501342 Express - CVE-2024-29041 Publicly disclosed vulnerability. The 'express' has been upgraded in PowerHA GUI Rel 7.2.9 from version 4.16.4 to version 4.19.2 in order to resolve this PVR. Vulnerability Details...

6.1CVSS6.8AI score0.00786EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.28 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Express.js Express open redirect vulnerability [ CVE-2024-29041]

Summary Potential open redirect vulnerability in Express.js Express CVE-2024-29041 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-29041...

6.1CVSS6.7AI score0.00786EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/09/03 10:5 a.m.26 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.1 security update

Red Hat OpenShift Service Mesh Containers for 2.6.1 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.7AI score0.01471EPSS
Exploits3References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/22 12:21 a.m.33 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Express.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Express.js Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could...

6.1CVSS6.6AI score0.00786EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.28 views

CBL Mariner 2.0 Security Update: reaper (CVE-2024-29041)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29041 advisory. - Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alp...

6.1CVSS6.4AI score0.00786EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/26 10:29 p.m.45 views

Security Bulletin: IBM MQ Appliance vulnerable to open redirect (CVE-2024-29041)

Summary IBM MQ Appliance has addressed an open redirect vulnerability. Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using...

6.1CVSS6.5AI score0.00786EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/26 11:42 a.m.30 views

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to conduction of phishing attacks due to a web framework used in node

Summary There is a vulnerability in IBM WebSphere Application Server Liberty used by IBM Cloud Transformation Advisor CVE-2024-29041. Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect...

6.1CVSS6.6AI score0.00786EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/25 10:7 p.m.43 views

Security Bulletin: Maximo Application suite - express-4.18.2.tgz is vulnerable to CVE-2024-29041 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses express-4.18.2.tgz which is vulnerable to CVE-2024-29041. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attack...

6.1CVSS6.6AI score0.00786EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/17 8:14 p.m.48 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details...

8.2CVSS9.5AI score0.02573EPSS
Exploits5Affected Software1
RedHat Linux
RedHat Linux
added 2024/06/17 12:43 a.m.46 views

Important: Red Hat Security Advisory: Network Observability 1.6.0 for OpenShift

Network Observability 1.6 for Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.2AI score0.01613EPSS
Exploits3References24
CBLMariner
CBLMariner
added 2024/06/06 7:53 p.m.26 views

CVE-2024-29041 affecting package reaper for versions less than 3.1.1-9

CVE-2024-29041 affecting package reaper for versions less than 3.1.1-9. An upgraded version of the package is available that resolves this issue...

6.1CVSS6.4AI score0.00786EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/06 6:30 a.m.39 views

Security Bulletin: IBM Maximo Application Suite uses express-4.18.2.tgz which is vulnerable to CVE-2024-29041.

Summary IBM Maximo Application Suite uses express-4.18.2.tgz which is vulnerable to CVE-2024-29041. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to condu...

6.1CVSS6.3AI score0.00786EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/10 3:33 p.m.40 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attack due to the node.js module follow-redirects and Express.js (CVE-2024-28849, CVE-2024-29041)

Summary IBM App Connect Enterprise is vulnerable to a remote attack due to node.js module follow-redirects and Express.js. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow...

6.5CVSS6.7AI score0.01044EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/27 1:48 p.m.37 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for April 2024.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 23.0.2-IF004. Vulnerability Details CVEID:CVE-2024-29041 DESCRIPTION: Express.js Express could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could...

6.5CVSS7.5AI score0.01639EPSS
Exploits1Affected Software1
Rows per page
Query Builder