Lucene search
+L

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-28500

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions. CVE-2020-28500 Note...

5.3CVSS6.6AI score0.07336EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 10:42 a.m.56 views

Security Bulletin: Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center [CVE-2020-28500, CVE-2020-8203, CVE-2019-1010266, CVE-2019-10744, CVE-2021-23337 and CVE-2018-16487]

Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

9.1CVSS8.4AI score0.2241EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 12:7 p.m.39 views

Security Bulletin: A security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager.

Summary A security vulnerability in Node.js Lodash module affects IBM Cloud Automation Manager. Vulnerability Details CVEID:CVE-2020-28500 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS in the toNumber, trim and...

5.3CVSS6.1AI score0.07336EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/24 3:1 p.m.56 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203

Summary There are vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2020-9281 DESCRIPTION: CKEditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

7.4CVSS6.7AI score0.2241EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:34 p.m.158 views

Security Bulletin: Vulnerability in Node.js lodash affects IBM Process Mining (CVE-2021-23337,CVE-2020-28500)

Summary There is a vulnerability in Node.js lodash that could allow remote execution of arbitrary commands. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2021-23337 DESCRIPTION: Node.js...

7.2CVSS7.4AI score0.2241EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/08 7:3 p.m.33 views

Security Bulletin: CVE-2020-28500

Summary Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service ReDoS via the toNumber, trim and trimEnd functions. Vulnerability Details CVEID: CVE-2020-28500 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression...

5.3CVSS2.2AI score0.07336EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/27 3:53 a.m.57 views

Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)

Summary lodash is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes lodash v4.17.21. Vulnerability Details CVEID: CVE-2019-1010266 DESCRIPTION: Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By...

9.1CVSS0.9AI score0.2241EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/24 6:34 p.m.87 views

Security Bulletin: Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities

Summary Node.js as used by IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM is vulnerable to multiple vulnerabilities. IBM Security QRadar Analyst Workflow App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-28469 DESCRIPTION: Node.js...

7.5CVSS1.1AI score0.2241EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/23 11:4 a.m.236 views

Security Bulletin: Lodash versions prior to 4.17.21 vulnerability in PowerHA System Mirror for AIX

Summary Lodash versions prior to 4.17.21 caused vulnerability in PowerHA System Mirror for AIX releases in service. Vulnerability Details CVEID: CVE-2021-23337 DESCRIPTION: Node.js lodash module could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a...

7.2CVSS7.6AI score0.2241EPSS
Exploits4Affected Software1
vulnersOsv
vulnersOsv
added 2022/01/06 8:30 p.m.5 views

@across-ui/example (>=0.0.1-alpha.4 <=0.0.4-alpha.5), @agreejs/api (>=0.0.1 <=3.2.14) +752 more potentially affected by CVE-2020-28500 via lodash-es (>=4.0.0 <=4.17.20)

lodash-es NPM version =4.0.0, =0.0.1-alpha.4, =0.0.1, =0.0.2, =3.2.1, =3.2.1, =3.2.1, =0.0.1, =3.2.1, =3.2.1, =0.1.0, =0.3.14, =0.4.63, =0.4.64 and more Source cves: CVE-2020-28500 Source advisory: OSV:GHSA-29MW-WPGM-HMR9...

5.3CVSS6.6AI score0.07336EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/06 8:30 p.m.3 views

10by10-react-app (=1.2.1), 1k-utils (>=1.0.0 <=1.4.0) +15141 more potentially affected by CVE-2020-28500 via lodash (>=4.0.0 <=4.17.20)

lodash NPM version =4.0.0, =1.0.0, =0.0.2, =0.1.1, =1.0.0, =0.2.0, =0.0.2, =0.1.0, =0.1.0, =1.0.23, =4.11.0, =0.0.1, =0.2.1, =0.3.44 and more Source cves: CVE-2020-28500 Source advisory: OSV:GHSA-29MW-WPGM-HMR9...

5.3CVSS6.7AI score0.07336EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/09/09 12:0 a.m.107 views

WordPress 5.8 < 5.8.1 / 5.7 < 5.7.3 / 5.6 < 5.6.5 / 5.5 < 5.5.6 / 5.4 < 5.4.7 / 5.2 < 5.2.12

WordPress versions 5.8 5.8.1 / 5.7 5.7.3 / 5.6 5.6.5 / 5.5 5.5.6 / 5.4 5.4.7 / 5.2 5.2.12 are affected by one or more vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from WordPress Security Advisory...

7.2CVSS6.8AI score0.2241EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2021/09/08 2:9 p.m.73 views

Moderate: Red Hat Security Advisory: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.8]

An update for cockpit-ovirt, ovirt-host, ovirt-hosted-engine-ha, ovirt-hosted-engine-setup, and vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...

7.2CVSS6.8AI score0.2241EPSS
Exploits4References7
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/03 1:28 p.m.40 views

Security Bulletin: IBM Cloud Private is vulnerable to Node.js lodash vulnerabilities (CVE-2020-28500)

Summary IBM Cloud Private is vulnerable to Node.js lodash vulnerabilities Vulnerability Details CVEID: CVE-2020-28500 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS in the toNumber, trim and trimEnd functions. By...

5.3CVSS0.6AI score0.07336EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/30 9:10 p.m.50 views

Security Bulletin: Potential vulnerability with Node.js lodash module

Summary A potential vulnerability has been identified related to Node.js lodash module. Refer to details for additional information. Vulnerability Details CVEID: CVE-2020-28500 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of servic...

5.3CVSS2AI score0.07336EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2021/07/27 10:30 p.m.287 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.2 bug fix and security update

Red Hat OpenShift Container Platform release 4.8.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...

9.8CVSS6.8AI score0.95707EPSS
Exploits22References1722
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/22 4:4 p.m.36 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by Node.js vulnerability

Summary IBM Cloud Transformation Advisor has addressed Node.js vulnerability CVE-2020-28500 Vulnerability Details CVEID: CVE-2020-28500 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS in the toNumber, trim and trimEnd...

5.3CVSS0.7AI score0.07336EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/18 2:33 p.m.27 views

Security Bulletin: IBM Cloud Pak for Integration is vulnerable to Node.js lodash vulnerability (CVE-2020-28500)

Summary IBM Cloud Pak for Integration is vulnerable to lodash vulnerability CVE-2020-28500 with details below. Vulnerability Details CVEID: CVE-2020-28500 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS in the toNumbe...

5.3CVSS1.2AI score0.07336EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/14 1:37 a.m.32 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js. Vulnerability Details CVEID: CVE-2021-22884 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an error when the allowlist includes localhost6. By controlling the victim's DNS serve...

7.8CVSS1.5AI score0.77385EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/13 7:29 p.m.38 views

Security Bulletin: A security vulnerability in Node.js lodash module affects IBM Cloud Pak for Multicloud Management Managed Service

Summary A security vulnerability in Node.js lodash module affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2020-28500 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS in...

5.3CVSS1.1AI score0.07336EPSS
Exploits1Affected Software1
Rows per page
Query Builder