4 matches found
Security Bulletin: IBM Cloud Pak for Security includes components with known vulnerabilities (CVE-2020-7764)
Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
CVE-2020-7764
creationtimestamp| type| source ---|---|--- 2020-11-08 18:53:56+00:00| seen| https://t.me/cibsecurity/16019...
CVE-2020-7764
CVE-2020-7764 affects find-my-way prior to 2.2.5 and from 3.0.0 up to 3.0.5, enabling denial-of-service via Accept-Version header that can be used in a cache-poisoning attack. Connected docs confirm affected versions and describe the impact as DoS through web cache poisoning. IBM CP4S remediation...
@medley/medley (>=0.11.0 <=0.12.1), @nova/azure-functions (>=0.3.0 <=0.3.3) +1 more potentially affected by CVE-2020-7764 via find-my-way (>=2.0.1 <=2.1.0)
find-my-way NPM version =2.0.1, =0.11.0, =0.3.0, =1.0.0, =1.1.0 Source cves: CVE-2020-7764 Source advisory: SNYK:JS-FINDMYWAY-1038269...