Lucene search
K

24 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/12/12 5:31 p.m.35 views

Security Bulletin: Watson Machine Learning Accelerator on Cloud Pak for Data Version is affected by multiple vulnerabilties

Summary Mutiple open source vulnerabilties affects Watson Machine Learning Accelerator on Cloud Pak for Data Version 2.3.3 and have been addressed in version 2.3.4. Vulnerability Details CVEID:CVE-2021-23566 DESCRIPTION: Nanoid could allow a local attacker to obtain sensitive information, caused ...

9.1CVSS9.6AI score0.42326EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 10:42 a.m.56 views

Security Bulletin: Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center [CVE-2020-28500, CVE-2020-8203, CVE-2019-1010266, CVE-2019-10744, CVE-2021-23337 and CVE-2018-16487]

Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

9.1CVSS8.4AI score0.2241EPSS
Exploits8Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.147 views

K47105354: Lodash library vulnerability CVE-2019-10744

Security Advisory Description Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. CVE-2019-10744 Impact An attacker can use Function inside of...

9.1CVSS7.9AI score0.05006EPSS
Exploits2Affected Software16
RedHat Linux
RedHat Linux
added 2022/06/16 2:52 p.m.282 views

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.10.0 release and security update

Red Hat AMQ Broker 7.10.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.1CVSS7AI score0.05666EPSS
Exploits6References10
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/04 7:28 p.m.39 views

Security Bulletin: IBM Robotic Process Automation is vulnerable to a denial of service through node.js lodash

Summary Security Bulletin: IBM Robotic Process Automation is vulnerable to a denial of service through node.js lodash Vulnerability Details CVEID:CVE-2019-10744 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a...

9.1CVSS7.3AI score0.05006EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/22 8:10 p.m.43 views

Security Bulletin: Node.js lodash vulnerability affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) ( CVE-2019-10744)

Summary Node.js lodash denial of service vulnerability affects IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be...

9.1CVSS8.4AI score0.05006EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/06 11:59 a.m.5 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Jaeger 1.17.2 jaeger-all-in-one-rhel7-container and jaeger-query-rhel7-container security update

An update for jaeger-all-in-one-rhel7-container and jaeger-query-rhel7-container is now available for Jaeger-1.17. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

9.1CVSS7AI score0.05006EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/06/25 2:0 p.m.28 views

Security Bulletin: A security vulnerability in Node.js affects IBM Integration Bus & IBM App Connect Enterprise V11 (CVE-2019-10744)

Summary IBM Integration Bus & IBM App Connect Enterprise V11 ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Node.js lodash module is vulnerable to a denial of...

9.1CVSS0.8AI score0.05006EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/06/03 12:0 a.m.98 views

RHEL 7 / 8 : Red Hat OpenShift Service Mesh (RHSA-2020:2362)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2362 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...

9.1CVSS7.1AI score0.99019EPSS
Exploits11References11
RedHat Linux
RedHat Linux
added 2020/06/02 3:34 p.m.71 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh security update

An update for jaeger, kiali, and servicemesh-grafana is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

9.1CVSS6.9AI score0.99019EPSS
Exploits11References5
Tenable Nessus
Tenable Nessus
added 2020/04/24 12:0 a.m.92 views

F5 Networks BIG-IP : Lodash library vulnerability (K47105354)

The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.2 / 13.1.3.4 / 13.1.3.5 / 14.1.2.5 / 14.1.2.7 / 15.0.1.4 / 15.1.0.5 / 15.1.1 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K47105354 advisory. - Versions of lodash lower than 4.17.12 a...

9.1CVSS7.5AI score0.05006EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/01 12:36 a.m.33 views

Security Bulletin: Possible denial of service vulnerability in Watson Knowledge Catalog for IBM Cloud Pak for Data

Summary There is a possible denial of service vulnerability in some of the Watson Knowledge Catalog for IBM Cloud Pak for Data UI services. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service,...

9.1CVSS1.2AI score0.05006EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/18 8:19 p.m.57 views

Security Bulletin: A Security Vulnerability affects IBM Cloud Private - lodash (CVE-2019-10744)

Summary A Security Vulnerability affects IBM Cloud Private - lodash Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of...

9.1CVSS0.4AI score0.05006EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/22 6:26 p.m.42 views

Security Bulletin: A security vulnerability has been identified in lodash shipped with PowerAI.

Summary Vulnerability CVE-2019-10744 found in lodash package. Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype...

9.1CVSS1AI score0.05006EPSS
Exploits2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/17 2:51 p.m.35 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js by Prototype Pollution vulnerabiliy

Summary IBM Cloud Transformation Advisor has addressed the following vulnerability. Node.js lodash module CVE-2019-10744 Vulnerability Details CVEID: CVE-2019-10744 DESCRIPTION: Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked...

9.1CVSS0.7AI score0.05006EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2019/10/10 3:39 p.m.111 views

Moderate: Red Hat Security Advisory: ovirt-web-ui security and bug fix update

An update for ovirt-web-ui is now available for Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS7.5AI score0.87218EPSS
Exploits8References4
OpenVAS
OpenVAS
added 2019/08/12 12:0 a.m.50 views

Elastic Kibana < 6.8.2, 7.x < 7.2.1 Multiple Vulnerabilities (ESA-2019-09, ESA-2019-10) - Linux

Kibana is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.9AI score0.05006EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2019/08/12 12:0 a.m.59 views

Elastic Kibana < 6.8.2, 7.x < 7.2.1 Multiple Vulnerabilities (ESA-2019-09, ESA-2019-10) - Windows

Kibana is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.9AI score0.05006EPSS
Exploits3References2
CVE
CVE
added 2019/07/25 11:43 p.m.960 views

CVE-2019-10744

CVE-2019-10744 affects lodash versions lower than 4.17.12 and enables Prototype Pollution via defaultsDeep, by injecting a constructor payload to modify Object.prototype. IBM X-Force lists a base3.1 score of 9.1 (CRITICAL) and confirms the prototype pollution impact. Remediation: upgrade lodash t...

9.1CVSS8.9AI score0.05006EPSS
Exploits2References6Affected Software1
vulnersOsv
vulnersOsv
added 2019/07/10 7:45 p.m.8 views

@astro-my/design-systems (>=0.3.14 <=0.4.42), @astro-my/design-systems-aw (>=0.4.63 <=0.4.64) +143 more potentially affected by CVE-2019-10744 via lodash-es (>=3.0.0 <=4.17.12)

lodash-es NPM version =3.0.0, =0.3.14, =0.4.63, =0.1.1, =0.1.1, =0.3.2-a, =0.1.0, =0.1.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.5.24 - @astro-my/design-systems-xuan-ts =0.1.1 and more Source cves: CVE-2019-10744 Source advisory: OSV:GHSA-JF85-CPCP-J695...

9.1CVSS7AI score0.05006EPSS
Exploits2
Rows per page
Query Builder