4443 matches found
jousset-avocats.secibonline.fr Cross Site Scripting vulnerability OBB-2388701
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
katiks.ru Cross Site Scripting vulnerability OBB-2388700
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
maarifphone.micromagma.ma Cross Site Scripting vulnerability OBB-2388697
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
misao.blog Cross Site Scripting vulnerability OBB-2388696
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
moico.pl Cross Site Scripting vulnerability OBB-2388695
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
sapworld.ir Cross Site Scripting vulnerability OBB-2388689
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
rips.club Cross Site Scripting vulnerability OBB-2388692
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
test.udalenkavsem.ru Cross Site Scripting vulnerability OBB-2388682
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
tuinom.wiggersdesign.nl Cross Site Scripting vulnerability OBB-2388680
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
in ionicabizau/parse-path
Description: parse-path is unable to detect the right resource. While parsing the http://[email protected] URL, parse-path thinks that the host/resource is example.com, however the actual resource is 127.0.0.1. Proof of Concept (SSRF PoC, javascript): const parsePath = require("parse-path"); const axios...
Security Bulletin: IBM App Connect Enterprise Certified Container may be affected by CVE-2021-3749
Summary: IBM App Connect Enterprise Certified Container may be affected by a regular expression denial of service vulnerability in axios due to CVE-2021-3749. Vulnerability Details: CVEID: CVE-2021-3749. DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of...
Security Bulletin: App Connect Professional & IBM WebSphere Cast Iron Solution are affected by axios vulnerability
Summary: App Connect Professional & IBM WebSphere Cast Iron Solution have addressed the following vulnerability reported in axios. Vulnerability Details: CVEID: CVE-2021-3749. DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Axios
Summary: IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Axios. Vulnerability Details: CVEID: CVE-2021-3749. DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the trim function. By sending a...
Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4 images and security updates
Red Hat Advanced Cluster Management for Kubernetes 2.4.0 General Availability release images, which fix several bugs and security issues. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a...
Security Bulletin: A security vulnerability in Node.js axios module affects IBM Cloud Pak for Multicloud Management Managed Services
Summary: A security vulnerability in Node.js axios module affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details: CVEID: CVE-2021-3749. DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the trim...
Axios Systems Assyst Code Issue Vulnerability
Axios Systems Assyst is an off-the-shelf application from UK-based Axios Systems for managing IT services without the complexity and overhead associated with ITSM platforms such as ServiceNow and BMC Remedy. Axios Systems Assyst version 10 SP7.5 suffers from a security vulnerability that stems fr...
Regular Expression Denial Of Service (ReDoS)
axios is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists in trim in utils.js due to inefficient regular expression complexity which allows an attacker to crash the application by submitting a malicious string as a header...
-lidonghui (=1.0.0), -tompan-reacttemplate (>=1.0.1 <=1.1.0) +54338 more potentially affected by CVE-2021-3749 via axios (>=0.10.0 <=0.21.1)
axios NPM version =0.10.0, =1.0.1, =1.0.1, =1.0.0, =1.0.1 - 03-asenkronsdasdsadavehttprequest =1.0.0 - 04-17 =1.0.0 - 04-17zy =1.0.0 - 04-a =1.0.0 - 04-code =1.0.0 - 05-clima-mundo =1.0.0 - 0726react =0.1.1 - 0a =1.0.0 - 0c =1.0.0 and more Source cves: CVE-2021-3749 Source advisory:...
axios Inefficient Regular Expression Complexity vulnerability
axios before v0.21.2 is vulnerable to Inefficient Regular Expression Complexity...
GHSA-CPH5-M8F7-6C5X axios Inefficient Regular Expression Complexity vulnerability
axios before v0.21.2 is vulnerable to Inefficient Regular Expression Complexity...