8 matches found
Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.15.0 shipped with IBM Cloud Pak for Business Automation iFixes for December 2025.
Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation December 2025 security fixes update this dependency beyond 4.15.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2016-10540 DESCRIPTION: Minimatc...
Security Bulletin: Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center [CVE-2020-28500, CVE-2020-8203, CVE-2019-1010266, CVE-2019-10744, CVE-2021-23337 and CVE-2018-16487]
Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...
Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)
Summary lodash is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes lodash v4.17.21. Vulnerability Details CVEID: CVE-2019-1010266 DESCRIPTION: Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By...
CVE-2019-1010266
lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...
Security Bulletin: A Security Vulnerability affects IBM Cloud Private - lodash (CVE-2019-1010266)
Summary A Security Vulnerability affects IBM Cloud Private - lodash Vulnerability Details CVEID: CVE-2019-1010266 DESCRIPTION: lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is...
lodash CVE-2019-1010266 Denial of Service Vulnerability
Description lodash is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition. lodash versions prior to 4.17.11 are vulnerable. Technologies Affected Cisco Application Policy Infrastructure Controller APIC IBM Cloud Private 3.2.0 CD IBM...
CVE-2019-1010266
lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource Consumption. The impact is: Denial of service. The component is: Date handler. The attack vector is: Attacker provides very long strings, which the library attempts to match using a regular expression. The fixed version is:...
CVE-2019-1010266
CVE-2019-1010266 is a lodash vulnerability affecting versions before 4.17.11, caused by Uncontrolled Resource Consumption (ReDoS) in the Date handling code. The attack relies on the library matching very long strings with a regular expression, leading to a Denial of Service. The fix is to upgrade...