Lucene search
K

107 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:59 p.m.33 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-33502 DESCRIPTION: Node.js normalize-url module is vulnerable to a denial of service, caused by a ReDoS regular expression denial of service flaw in the data URLs. By using a...

7.5CVSS8AI score0.01705EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:57 p.m.18 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-25851 DESCRIPTION: Node.js jpeg-js module is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploi...

7.5CVSS7.3AI score0.01762EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:56 p.m.40 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-36109 DESCRIPTION: Moby could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw with the supplementary groups are not set up properly. By...

6.3CVSS8.2AI score0.02693EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:55 p.m.50 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-3172 DESCRIPTION: Kubernetes kube-apiserver is vulnerable to server-side request forgery, caused by a flaw with allowing an aggregated API server to redirect client traffic to any URL. By...

8.2CVSS5.9AI score0.02464EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:53 p.m.38 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23337 DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the template. By...

7.2CVSS7.2AI score0.2241EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:52 p.m.46 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23346 DESCRIPTION: Node.js html-parse-stringify and html-parse-stringify2 modules are vulnerable to a denial of service, caused by a regular expression denial of service ReDoS. By sending...

5.3CVSS5.3AI score0.02217EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:50 p.m.41 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-41190 DESCRIPTION: Open Container Initiative Distribution Specification could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when a Content-Type...

9.1CVSS7.8AI score0.27392EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:49 p.m.62 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2020-25864 DESCRIPTION: HashiCorp Consul is vulnerable to cross-site scripting, caused by improper validation of user-supplied input of the key-value store by the KV API. A remote attacker cou...

7.5CVSS8.7AI score0.08912EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:46 p.m.29 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-37599 DESCRIPTION: loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the interpolateName.js script. By sending...

7.5CVSS8.1AI score0.0204EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:43 p.m.17 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-3517 DESCRIPTION: minimatch is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the braceExpand function. By sending specially-crafted reg...

7.5CVSS8.2AI score0.01674EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:40 p.m.28 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23413 DESCRIPTION: jszip is vulnerable to a denial of service, caused by a prototype pollution flaw. By using a specially-crafted zip file with filenames set to Object prototype values, a...

5.3CVSS5.3AI score0.03307EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:38 p.m.30 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23424 DESCRIPTION: Node.js ansi-html module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw. By sending a specially-crafted regex input, ...

7.5CVSS7.2AI score0.01981EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:34 p.m.37 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-30633 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Unmarshal in encoding/xml due to stack exhaustion. By parsing a...

7.5CVSS6.8AI score0.07293EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:33 p.m.42 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-32803 DESCRIPTION: Node.js tar module could allow a local attacker to traverse directories on the system, caused by insufficient symlink protection. An attacker could use a...

8.6CVSS8.4AI score0.15014EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:31 p.m.43 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: webpack loader-utils could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the parseQuery function in...

9.8CVSS9.1AI score0.02601EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:30 p.m.65 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-31129 DESCRIPTION: Moment is vulnerable to a denial of service, caused by inefficient regular expression complexity. By sending a specially-crafted request, a remote attacker could exploi...

7.5CVSS7.6AI score0.05664EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:29 p.m.33 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23362 DESCRIPTION: Node.js hosted-git-info module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the fromUrl function in index.js. By...

5.3CVSS7.1AI score0.03612EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:26 p.m.35 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-35065 DESCRIPTION: Node.js glob-parent module is vulnerable to a denial of service, caused by an error in the enclosure regex. By sending a specially crafted string prepended with the...

7.5CVSS7AI score0.04456EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:11 p.m.24 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-23364 DESCRIPTION: Browserslist is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS during parsing of queries. By sending a specially-crafted...

5.3CVSS5.4AI score0.02429EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:3 p.m.29 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-25758 DESCRIPTION: Node.js scss-tokenizer module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS vulnerability in the loadAnnotation function....

7.5CVSS6AI score0.01949EPSS
Exploits1Affected Software1
Rows per page
Query Builder