177 matches found
USN-5159-1 node-bl vulnerability
It was discovered that bl incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...
Ubuntu: Security Advisory (USN-5098-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : bl vulnerability (USN-5098-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5098-1 advisory. It was discovered that bl didn't properly sanitize the inputs. An attacker could use this to leak sensitive information. Tenable has extracted the preceding...
Debian DLA-2698-1 : node-bl - LTS security update
The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2698 advisory. - A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume...
DLA-2698-1 node-bl - security update
Bulletin has no description...
Debian: Security Advisory (DLA-2698-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2698-1] node-bl security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2698-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 01, 2021 https://wiki.debian.org/LTS -...
Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Pak for Multicloud Management Managed Service.
Summary A security vulnerability in Node.js bl module affects IBM Cloud Pak for Multicloud Management Infrastructure Management Managed Service. Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a...
Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager.
Summary A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume function. By sendin...
Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability
Summary Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer...
bl-lynx.com Cross Site Scripting vulnerability OBB-1458011
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
@cowlick/analyzer (>=0.10.0 <=0.11.0), @cowlick/kag-compiler (>=0.10.0 <=0.11.0) +1 more potentially affected by CVE-2020-8244 via bl (=3.0.0)
bl NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.10.0, =0.10.0, =1.0.0, =1.0.3 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...
@here/harp-leaflet (>=0.2.4 <=0.2.5) potentially affected by CVE-2020-8244 via bl (=4.0.2)
bl NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @here/harp-leaflet =0.2.4, =0.2.5 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...
00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +16521 more potentially affected by CVE-2020-8244 via bl (>=0.1.1 <=1.2.1)
bl NPM version =0.1.1, =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 06-tekbooks =0.1.0 -...
@cowlick/analyzer (>=0.9.0 <=0.9.1), @cowlick/kag-compiler (>=0.9.0 <=0.9.1) +4 more potentially affected by CVE-2020-8244 via bl (=2.0.1)
bl NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.9.0, =0.9.0, =4.1.6, =1.2.0, =1.0.0, =1.0.0, =1.1.37 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...
CVE-2020-8244
A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...
CVE-2020-8244
A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...
CVE-2020-8244
A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...
Buffer overflow
A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...
UBUNTU-CVE-2020-8244
A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...