20 matches found
Security Bulletin: Security vulnerability in min-document may affect IBM Business Automation Workflow - CVE-2025-57352
Summary IBM Business Automation Workflow packages a vulnerable copy of min-document. Vulnerability Details CVEID:CVE-2025-57352 DESCRIPTION: A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttribute...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses min-document which is vulnerable to CVE-2025-57352
Summary IBM Maximo Application Suite - Visual Inspection component uses min-document which is vulnerable to CVE-2025-57352, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-57352 DESCRIPTION: A vulnerability exists in the...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-57352)
Summary IBM Security SOAR uses an older version of min-document that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended customers upgrade to version 51.0.8.1 or later. Vulnerability Details CVEID:CVE-2025-57352 DESCRIPTION...
Security Bulletin: IBM Edge Data Collector uses min-document-2.19.0.tgz which is vulnerable to CVE-2025-57352.
Summary IBM Edge Data Collector uses min-document-2.19.0.tgz which is vulnerable to CVE-2025-57352. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-57352 DESCRIPTION: A vulnerability exists in the 'min-document' package prior to version 2.19.0...
EUVD-2025-31047
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-57352
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS...
@remirror/core (>=0.2.0 <=0.11.0), @remirror/core-extensions (>=0.2.0 <=0.13.1) +42 more potentially affected by CVE-2025-57352 via min-document (>=2.17.0 <=2.19.0)
min-document NPM version =2.17.0, =0.2.0, =0.2.0, =0.4.2-ci.1569229282.9, =0.4.2-canary.2, =0.4.2-ci.1569229282.9, =0.4.2-ci.1569229282.9, =0.2.0, =0.2.0, =0.2.0, =0.4.0, =0.4.2-ci.1569229282.9, =0.2.0, =0.2.0, =0.2.0, =0.4.2-ci.1569229282.9, =0.13.1 and more Source cves: CVE-2025-57352 Source...
min-document vulnerable to prototype pollution
A vulnerability exists in the 'min-document' package prior to version 2.19.1, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
GHSA-RX8G-88G5-QH64 min-document vulnerable to prototype pollution
A vulnerability exists in the 'min-document' package prior to version 2.19.1, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
CVE-2025-57352
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
CVE-2025-57352
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
DEBIAN-CVE-2025-57352
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
UBUNTU-CVE-2025-57352
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
min-document 安全漏洞
min-document is a software library from the individual developer Jake Verbaten. A security vulnerability exists in min-document versions prior to 2.19.0, which stems from mishandling of namespace operations in the removeAttributeNS method, which could result in a denial of service or execution of...
CVE-2025-57352
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
CVE-2025-57352
CVE-2025-57352 affects the min-document package prior to 2.19.0 and is a prototype pollution issue via removeAttributeNS, triggered by input involving proto . IBM confirms affected products in connected bulletins: IBM Business Automation Workflow (containers and traditional), IBM Concert Software...
PT-2025-39316
Name of the Vulnerable Software and Affected Versions min-document versions prior to 2.19.0 Description A flaw exists in the 'min-document' package due to improper handling of namespace operations within the removeAttributeNS function. An attacker can exploit this by manipulating the prototype...
CVE-2025-57352
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
CVE-2025-57352
A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...
Malicious code in global-min-document (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5f31926381530898f76c33bf3a3941e4c37e5866d33fbe1501baa831b6822165 The OpenSSF Package Analysis project identified 'global-min-document' @ 999999999.99.9 npm as malicious. It is considered malicious because: - T...