Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/22 2:23 p.m.57 views

Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises

Summary IBM Engineering Requirements Quality Assistant On-Premises affected by multiple vulnerabilities due to which an attacker could exploit this vulnerability to execute arbitrary code on the system and cause the application to crash cause a denial of service condition on the system. This...

9.8CVSS9.3AI score0.14663EPSS
Exploits7Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.3 views

SUSE CVE-2017-1000048

the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash...

7.5CVSS7.6AI score0.02395EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/09 1:15 p.m.49 views

Security Bulletin: qs (QueryString) package in the Service Portal of IBM Control Desk is vulnerable (CVE-2014-7191 and CVE-2017-1000048)

Summary As per the BlackDuck Scan, there is one package qs QueryString which is vulnerable in the Service Portal. The qs QueryString package is coming from multer modules installed as npm package. Vulnerability Details CVEID:CVE-2014-7191 DESCRIPTION: Node.js is vulnerable to a denial of service,...

7.3AI score0.08309EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2020/04/30 5:16 p.m.8 views

@aconex/styleguide (>=2.0.1 <=2.2.0), @acornfamily/site (>=1.1.0 <=1.3.0) +1351 more potentially affected by CVE-2017-1000048 via qs (>=6.2.0 <=6.2.1)

qs NPM version =6.2.0, =2.0.1, =1.1.0, =0.1.0, =0.0.0, =0.7.15, =0.0.0, =1.0.23, =1.0.10, =3.3.91, =0.0.0, =0.1.0, =1.2.17, =0.5.6, =0.5.7 and more Source cves: CVE-2017-1000048 Source advisory: OSV:GHSA-GQGV-6JQ5-JJJ9...

7.5CVSS6.7AI score0.02395EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/04/30 5:16 p.m.6 views

@bouzuya/mr-jums (>=0.2.0 <=0.9.1), @deansel/latte (=0.1.2-beta.1) +77 more potentially affected by CVE-2017-1000048 via qs (>=6.3.0 <=6.3.1)

qs NPM version =6.3.0, =0.2.0, =1.0.0-alpha.7, =0.0.1-alpha.1, =0.0.1-dev.0, =4.0.0-beta.6, =3.0.0, =0.20.5, =0.20.5, =0.20.8, =0.1.5, =0.6.5, =0.13.0, =0.15.0 - app-decorators =0.8.206 and more Source cves: CVE-2017-1000048 Source advisory: OSV:GHSA-GQGV-6JQ5-JJJ9...

7.5CVSS6.7AI score0.02395EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/04/30 5:16 p.m.6 views

00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +33507 more potentially affected by CVE-2017-1000048 via qs (>=0.1.0 <=6.0.2)

qs NPM version =0.1.0, =6.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on qs and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3...

7.5CVSS6.7AI score0.02395EPSS
Exploits0
NVD
NVD
added 2017/07/17 1:18 p.m.19 views

CVE-2017-1000048

the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash...

7.5CVSS8.4AI score0.02395EPSS
Exploits0References2
OSV
OSV
added 2017/07/17 1:18 p.m.8 views

AZL-45075 CVE-2017-1000048 affecting package nodejs-nodemon 2.0.3-5

the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash...

7.5CVSS6.7AI score0.02395EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/07/17 1:18 p.m.37 views

CVE-2017-1000048

the web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send a evil request to cause the web framework crash...

7.5CVSS6.8AI score0.02395EPSS
Exploits0References2
CVE
CVE
added 2017/07/13 8:0 p.m.107 views

CVE-2017-1000048

CVE-2017-1000048 applies to ljharb’s qs module; older versions v6.0.4, v6.1.2, v6.2.3 and v6.3.1 (i.e., older than v6.3.2) are vulnerable to a DoS where a malicious request can crash the application. The connected documents corroborate a Denial of Service impact via input handling in qs, and indi...

7.5CVSS7.2AI score0.02395EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder