6 matches found
Security Bulletin: IBM Event Endpoint Management is vulnerable to improper input validation( CVE-2025-12758)
Summary IBM Event Endpoint Management is vulnerable to improper input validation due to incorrect Unicode string length calculation. Vulnerability Details CVEID:CVE-2025-12758 DESCRIPTION: Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More...
Security Bulletin: IBM App Connect Enterprise is vulnerable to Incomplete Filtering of One or More Instances of Special Elements due to node module validator (CVE-2025-12758)
Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to Incomplete Filtering of One or More Instances of Special Elements due to node module validator. Vulnerability Details...
Exploit for CVE-2025-12758
CVE-2025-12758: Validator.js isLength Unicode Variation Sele...
CVE-2025-12758 vulnerabilities
Vulnerabilities for packages: sqlpad, saf...
01homework (>=1.0.0 <=1.0.1), 0xauth (>=0.0.2 <=0.0.6) +7182 more potentially affected by CVE-2025-12758 via validator (>=0.1.8 <=13.15.20)
validator NPM version =0.1.8, =1.0.0, =0.0.2, =0.0.6, =0.0.1, =1.0.0, =4.11.0, =0.0.0-canary.0, =0.0.2, =0.0.1, =0.1.0, =0.8.0, =1.0.17, =1.0.33 and more Source cves: CVE-2025-12758 Source advisory: OSV:GHSA-VGHF-HV5Q-VC2G...
CVE-2025-12758
Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string length...