Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.16 views

Security Bulletin: Two ReDoS vulnerabilities in modules included in the Node.js npm tool affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux

Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i RPG and COBOL + Modernization Tools, Java and EGL editions, and Rational Developer for AIX and Linux. Two ReDoS vulnerabilities in modules included in the Node.js n...

7.8CVSS0.6AI score0.0337EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:13 a.m.23 views

Security Bulletin: Two ReDoS vulnerabilities in modules included in the Node.js npm tool

Summary Two ReDoS vulnerabilities in modules included in the Node.js npm tool shipped by IBM Rational Application Developer for WebSphere Software. Vulnerability Details CVEID: CVE-2016-2515 DESCRIPTION: Node.JS hawk is vulnerable to a denial of service, caused by an error in the regular expressi...

7.8CVSS0.3AI score0.0337EPSS
Exploits0Affected Software1
OSV
OSV
added 2016/04/13 4:59 p.m.6 views

CVE-2016-2515

Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service CPU consumption or partial outage via a long 1 header or 2 URI that is matched against an improper regular expression...

7.5CVSS7.3AI score
Exploits0References6
NVD
NVD
added 2016/04/13 4:59 p.m.16 views

CVE-2016-2515

Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service CPU consumption or partial outage via a long 1 header or 2 URI that is matched against an improper regular expression...

7.8CVSS7.7AI score0.0337EPSS
Exploits0References6
CVE
CVE
added 2016/04/13 4:0 p.m.71 views

CVE-2016-2515

CVE-2016-2515 affects Hawk in Node.js/npm deployments: Hawk before 3.1.3 and 4.x before 4.1.1 is vulnerable to a denial of service where an attacker can cause CPU exhaustion by sending an excessively long header or URI that matches an improper regular expression. Reported in multiple sources (GHS...

7.8CVSS7.1AI score0.0337EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder