Lucene search
K

16 matches found

vulnersOsv
vulnersOsv
added 2026/05/29 3:54 p.m.6 views

0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.2) +7274 more potentially affected by CVE-2018-16487 +1 more via axios (>=1.0.0 <=1.15.2)

axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.0.1-alpha.4 and more Source cves: CVE-2018-16487, CVE-2026-44490 Source advisory:...

8.2CVSS6.3AI score0.01553EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/07 12:30 p.m.14 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.15.0 shipped with IBM Cloud Pak for Business Automation iFixes for December 2025.

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation December 2025 security fixes update this dependency beyond 4.15.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2016-10540 DESCRIPTION: Minimatc...

9.1CVSS9.1AI score0.2241EPSS
Exploits12Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/12 5:31 p.m.35 views

Security Bulletin: Watson Machine Learning Accelerator on Cloud Pak for Data Version is affected by multiple vulnerabilties

Summary Mutiple open source vulnerabilties affects Watson Machine Learning Accelerator on Cloud Pak for Data Version 2.3.3 and have been addressed in version 2.3.4. Vulnerability Details CVEID:CVE-2021-23566 DESCRIPTION: Nanoid could allow a local attacker to obtain sensitive information, caused ...

9.1CVSS9.6AI score0.42326EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 10:42 a.m.55 views

Security Bulletin: Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center [CVE-2020-28500, CVE-2020-8203, CVE-2019-1010266, CVE-2019-10744, CVE-2021-23337 and CVE-2018-16487]

Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

9.1CVSS8.4AI score0.2241EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:0 p.m.32 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js lodash module vulnerability (CVE-2018-16487)

Summary IBM Cloud Transformation Advisor has addressed the following vulnerability. Node.js lodash module CVE-2018-16487 Vulnerability Details CVEID:CVE-2018-16487 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a...

5.6CVSS6.2AI score0.01553EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/27 3:53 a.m.53 views

Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)

Summary lodash is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes lodash v4.17.21. Vulnerability Details CVEID: CVE-2019-1010266 DESCRIPTION: Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By...

9.1CVSS0.9AI score0.2241EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/23 8:20 p.m.38 views

Security Bulletin: Security vulnerability affects IBM Cloud Object Storage SDK NodeJS (Mar 2019)

Summary Security vulnerability affects IBM Cloud Object Storage SDK NodeJS. This vulnerability has been addressed in the latest SDK NodeJS release. Vulnerability Details CVE-ID: CVE-2018-16487 Description: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution...

6.8CVSS0.8AI score0.01553EPSS
Exploits2Affected Software1
RedhatCVE
RedhatCVE
added 2019/02/01 11:49 p.m.48 views

CVE-2018-16487

A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype...

6.8CVSS2.5AI score0.01553EPSS
Exploits2References2
NVD
NVD
added 2019/02/01 6:29 p.m.26 views

CVE-2018-16487

A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype...

6.8CVSS7.1AI score0.01553EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2019/02/01 6:29 p.m.31 views

CVE-2018-16487

A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype...

6.8CVSS6.3AI score0.01553EPSS
Exploits2References2
Cvelist
Cvelist
added 2019/02/01 6:0 p.m.25 views

CVE-2018-16487

A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype...

7AI score0.01553EPSS
Exploits2References2
CVE
CVE
added 2019/02/01 6:0 p.m.1495 views

CVE-2018-16487

CVE-2018-16487 is a prototype pollution vulnerability in lodash versions below 4.17.11, where merge/mergeWith/defaultsDeep can modify Object.prototype. IBM-focused bulletins in the Connected Documents confirm this CVE is present in IBM-related advisories and list affected IBM products (e.g., IBM ...

6.8CVSS5.6AI score0.01553EPSS
Exploits2References2Affected Software1
Debian CVE
Debian CVE
added 2019/02/01 6:0 p.m.31 views

CVE-2018-16487

A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype...

6.8CVSS5.8AI score0.01553EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2018/08/31 6:21 p.m.7 views

@alyzenpublic/craco (>=3.2.3-dev <=3.2.3-dev2), @amory/core (>=2018.8.29-1 <=2018.8.31-0) +153 more potentially affected by CVE-2018-16487 +1 more via lodash.mergewith (>=4.0.3 <=4.6.1)

lodash.mergewith NPM version =4.0.3, =3.2.3-dev, =2018.8.29-1, =2018.8.29-0, =2018.8.31-0, =0.1.0-18, =0.5.1-atomist-update-latest-1540938130032.20181101043939, =1.0.0, =1.10.0, =1.10.1, =1.0.0, =1.0.0, =1.0.0, =5.0.0, =5.2.8, =6.2.0 and more Source cves: CVE-2018-16487, CVE-2018-3721 Source...

6.8CVSS6.4AI score0.02413EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2018/08/31 6:21 p.m.11 views

@anjuna/charts (>=1.0.0-preview.45 <=1.0.0-preview.47), @badgeup/badgeup-browser-client (>=0.3.0 <=3.0.0) +186 more potentially affected by CVE-2018-16487 +1 more via lodash.defaultsdeep (>=4.3.2 <=4.6.0)

lodash.defaultsdeep NPM version =4.3.2, =1.0.0-preview.45, =0.3.0, =0.1.0, =0.3.0, =6.0.2, =1.0.0-rc.1, =1.2.0, =1.0.0, =0.9.16, =0.0.1, =0.275.1-chore-update-deps.3894.0, =0.18.2-alpha.1, =3.0.0, =6.8.1, =7.1.11 and more Source cves: CVE-2018-16487, CVE-2018-3721 Source advisory:...

6.8CVSS6.4AI score0.02413EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2018/08/31 6:21 p.m.7 views

1tp (>=0.0.2 <=0.21.1), 1tp-registrar (>=0.1.1 <=0.1.2) +5702 more potentially affected by CVE-2018-16487 +1 more via lodash (>=4.0.0 <=4.17.10)

lodash NPM version =4.0.0, =0.0.2, =0.1.1, =1.0.0, =0.2.0, =0.1.0, =0.1.0, =0.0.1, =0.2.1, =0.0.2, =0.0.7, =0.4.20, =1.16.0, =1.16.0, =1.16.7 and more Source cves: CVE-2018-16487, CVE-2018-3721 Source advisory: SNYK:JS-LODASH-73638...

6.8CVSS6.1AI score0.02413EPSS
Exploits3
Rows per page
Query Builder