4 matches found
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in axios-1.12.2.tgz
Summary IBM Watson Discovery Cartridge affected by vulnerabilities in axios-1.12.2.tgz Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when...
Fedora 44 : pgadmin4 (2026-34c2bf6df4)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-34c2bf6df4 advisory. Update axios to 1.15.0, fixes CVE-2026-40175 and CVE-2025-62718. ---- Update to pgadmin4-9.14. Tenable has extracted the preceding description block...
CVE-2026-39865 vulnerabilities
Vulnerabilities for packages: kubeflow-centraldashboard...
CVE-2026-39865 Axios HTTP/2 Session Cleanup State Corruption Vulnerability
Axios is a promise based HTTP client for the browser and Node.js. Starting in version 1.13.0 and prior to 1.13.2, Axios HTTP/2 session cleanup logic contains a state corruption bug that allows a malicious server to crash the client process through concurrent session closures. The vulnerability...