Lucene search
+L

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-0536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8. CVE-2022-0536 Note that Nessus relies on the...

5.9CVSS6.6AI score0.0126EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/16 8:23 p.m.44 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information CVE-2024-28849,...

9.8CVSS10AI score0.08515EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/07 9:34 p.m.33 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js follow-redirects module information disclosure vulnerabilities (CVE-2022-0536, CVE-2022-0155)

Summary Potential information disclosure vulnerabilities in Node.js follow-redirects module CVE-2022-0536, CVE-2022-0155 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-0536...

8CVSS5.7AI score0.02426EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/30 9:27 p.m.48 views

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Node.js follow-redirects is used by IBM Robotic Process Automation as part of API Server functionality CVE-2022-0536. Madialize URI.js module for NPM is used by IBM Robotic Process Automation as par...

7.8CVSS7.7AI score0.01995EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 6:53 p.m.37 views

Security Bulletin: IBM QRadar Assistant app for IBM QRadar SIEM includes components with multiple known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerabilities. Vulnerability Details CVEID:CVE-2021-42581 DESCRIPTION: Ramda could allow a remote attacker t...

9.1CVSS8.8AI score0.2241EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/19 9:11 p.m.50 views

Security Bulletin: IBM Security QRadar Analyst Workflow app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote attacker to execute...

9.8CVSS9.2AI score0.04581EPSS
Exploits7Affected Software1
RedHat Linux
RedHat Linux
added 2022/08/24 1:45 p.m.86 views

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update

Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

9.8CVSS7AI score0.0995EPSS
Exploits7References137
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/03 11:16 a.m.31 views

Security Bulletin: Vulnerability in the Node.js follow-redirects component affects IBM Event Streams (CVE-2022-0536)

Summary This security vulnerability affects the follow-redirects component that is used by IBM Event Streams. Vulnerability Details CVEID:CVE-2022-0536 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by a leakage of...

5.9CVSS5.1AI score0.0126EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/14 3:2 p.m.42 views

Security Bulletin: IBM MQ Appliance is affected by follow-redirects vulnerabilities (CVE-2022-0155 and CVE-2022-0536)

Summary IBM MQ Appliance has resolved follow-redirects vulnerabilities. Vulnerability Details CVEID: CVE-2022-0155 DESCRIPTION: follow-redirects could allow a remote attacker to obtain sensitive information, caused by an unauthorized actor. By sending a specially-crafted request, a remote...

8CVSS2AI score0.02426EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2022/07/01 9:52 a.m.68 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update

The Migration Toolkit for Containers MTC 1.7.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

8.8CVSS6.7AI score0.03552EPSS
Exploits2References30
RedHat Linux
RedHat Linux
added 2022/06/28 5:3 p.m.77 views

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.11 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.3.11 general availability release images, which provide security updates and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.1CVSS8.9AI score0.05664EPSS
Exploits3References36
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/12 3:35 p.m.48 views

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise & IBM Integration Bus (CVE-2022-0155 & CVE-2022-0536)

Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2022-0536 DESCRIPTION: Node.js follow-redirects module could allow a remote...

8CVSS1.2AI score0.02426EPSS
Exploits2Affected Software2
RedHat Linux
RedHat Linux
added 2022/05/05 6:2 p.m.71 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.2.1 containers security update

An update for is now available for OpenShift Service Mesh 2.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS7AI score0.04581EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2022/05/05 4:52 a.m.78 views

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.10 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.3.10 General Availability release images, which provide security updates and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.8CVSS7.3AI score0.05664EPSS
Exploits6References36
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/04 7:28 p.m.42 views

Security Bulletin: IBM Robotic Process Automation may be vulnerable to an exposure of sensitive information by an unauthorized actor through follow-redirects (CVE-2022-0536)

Summary Security Bulletin: IBM Robotic Process Automation may be vulnerable to an exposure of sensitive information by an unauthorized actor through follow-redirects CVE-2022-0536 Vulnerability Details CVEID: CVE-2022-0536 DESCRIPTION: Node.js follow-redirects module could allow a remote...

5.9CVSS1.2AI score0.0126EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/28 5:2 p.m.34 views

Security Bulletin: Information disclosure vulnerability affect IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2022-0155, CVE-2022-0536, CVE-2021-3749

Summary IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to an information disclosure attack. Vulnerability Details CVEID: CVE-2021-3749 DESCRIPTION: axios is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the trim...

8CVSS1.2AI score0.08515EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/27 2:52 p.m.27 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js. Vulnerability Details CVEID: CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in setKey...

9.8CVSS1.3AI score0.04581EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/22 3:52 p.m.34 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality due to CVE-2022-0536

Summary Node.js module follow-redirects is used by IBM App Connect Enterprise Certified Container operands when making network calls in a Node.js process. IBM App Connect Enterprise Certified Container operands may be vulnerable to loss of confidentiality. This bulletin provides patch information...

5.9CVSS0.7AI score0.0126EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/02/10 12:0 a.m.5 views

10chars-test (>=1.0.0 <=1.0.34), 10er10 (=0.23.0) +4045 more potentially affected by CVE-2022-0536 via follow-redirects (>=0.0.3 <=1.14.7)

follow-redirects NPM version =0.0.3, =1.0.0, =4.11.0, =0.3.11, =0.3.3, =0.3.0, =0.1.0, =1.6.1, =1.0.0, =2.0.0, =2.0.0-rc5, =2.0.0-rc7.0.6, =2.0.0-rc2, =2.0.0-rc3, =2.0.0-rc2, =2.0.0-rc.8.0.4 and more Source cves: CVE-2022-0536 Source advisory: OSV:GHSA-PW2R-VQ6V-HR8C...

5.9CVSS6.7AI score0.0126EPSS
Exploits0
NVD
NVD
added 2022/02/09 11:15 a.m.17 views

CVE-2022-0536

Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8...

5.9CVSS0.0126EPSS
Exploits0References2
Rows per page
Query Builder