5 matches found
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.2
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.2 Vulnerability Details CVEID:CVE-2018-1000134 DESCRIPTION: Ping Identity UnboundID LDAP SDK could allow a remote attacker to...
@11ty/eleventy (=0.3.3), @36node/swagen (=0.1.2) +1560 more potentially affected by CVE-2019-20922 via handlebars (>=4.0.0 <=4.4.3)
handlebars NPM version =4.0.0, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.0.1, =3.0.0, =1.0.0, =0.1.0, =0.0.1, =1.0.2-alpha.0, =1.0.0, =0.0.2, =5.0.0, =6.0.10 and more Source cves: CVE-2019-20922 Source advisory: OSV:GHSA-62GR-4QP9-H98F...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise security and bug fix update
Red Hat OpenShift Container Platform release 4.6.36 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...
RHEL 8 : Red Hat Virtualization (RHSA-2020:5179)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5179 advisory. The org.ovirt.engine-root is a core component of oVirt. The following packages have been upgraded to a later upstream version: engine-db-que...
CVE-2019-20922
CVE-2019-20922 affects the Handlebars.js template engine before 4.4.5. The vulnerability stems from an eager RegExp matching approach in the parser, which can be forced into an endless loop by crafted templates, leading to resource exhaustion. Impact is described as denial of service via consumed...