Lucene search
K

28 matches found

OSV
OSV
added 13 hours ago9 views

ROOT-APP-NPM-CVE-2020-8203 CVE-2020-8203 in @rootio/lodash.pick - Patched by Root

Root has patched CVE-2020-8203 in the @rootio/lodash.pick package for Root:npm. Multiple fixed versions available...

7.4CVSS8AI score0.05213EPSS
Exploits1
Atlassian
Atlassian
added 2025/12/04 3:28 a.m.15 views

Prototype Pollution loadash.pick Dependency Vulnerability in Jira Software Data Center and Server

This High severity Prototype Pollution vulnerability known as CVE-2020-8203 was introduced in 10.3.0 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H allows an unauthenticated attacker to take...

7.4CVSS7AI score0.05213EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/12 5:31 p.m.35 views

Security Bulletin: Watson Machine Learning Accelerator on Cloud Pak for Data Version is affected by multiple vulnerabilties

Summary Mutiple open source vulnerabilties affects Watson Machine Learning Accelerator on Cloud Pak for Data Version 2.3.3 and have been addressed in version 2.3.4. Vulnerability Details CVEID:CVE-2021-23566 DESCRIPTION: Nanoid could allow a local attacker to obtain sensitive information, caused ...

9.1CVSS9.6AI score0.42326EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 10:42 a.m.56 views

Security Bulletin: Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center [CVE-2020-28500, CVE-2020-8203, CVE-2019-1010266, CVE-2019-10744, CVE-2021-23337 and CVE-2018-16487]

Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

9.1CVSS8.4AI score0.2241EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/24 3:1 p.m.53 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203

Summary There are vulnerabilities CVE-2020-28500, CVE-2021-23337, CVE-2020-8203 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2020-9281 DESCRIPTION: CKEditor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

7.4CVSS6.7AI score0.2241EPSS
Exploits6Affected Software1
Huntr
Huntr
added 2023/02/20 2:52 a.m.440 views

Lodash 4.17.15 in use which is vulnerable to CVE-2020-8203

Description Lodash 4.17.15 in use which is vulnerable to CVE-2020-8203 Proof of Concept 1 Go to https://localhost/Cockpit/modules/App/assets/vendor/lodash.js?ver=2.3.9-1676855050 and note that lodash version is 4.17.15 2 Go to https://localhost/Cockpit/ 3 Open Web Devloper tools Ctrl+Shift+I usin...

1.7CVSS6.6AI score0.05213EPSS
Exploits2References1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/08 7:0 p.m.96 views

Security Bulletin: CVE-2020-8203

Summary Prototype pollution attack when using .zipObjectDeep in lodash before 4.17.20. Vulnerability Details CVEID: CVE-2020-8203 DESCRIPTION: Node.js lodash module is vulnerable to a denial of service, caused by a prototype pollution attack. A remote attacker could exploit this vulnerability usi...

7.4CVSS1.3AI score0.05213EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/27 3:53 a.m.55 views

Security Bulletin: Vulnerabilities in lodash library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2019-1010266, CVE-2020-28500, CVE-2018-16487, CVE-2018-3721, CVE-2020-8203, CVE-2021-23337, CVE-2019-10744)

Summary lodash is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component. The fix includes lodash v4.17.21. Vulnerability Details CVEID: CVE-2019-1010266 DESCRIPTION: Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By...

9.1CVSS0.9AI score0.2241EPSS
Exploits9Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/07/22 12:0 a.m.50 views

Oracle Primavera Gateway (Jul 2021 CPU)

The 17.12.11, 18.8.11, 19.12.10, and 20.12.0 versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin...

9.8CVSS6.9AI score0.17611EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2020/11/24 12:0 a.m.78 views

RHEL 8 : Red Hat Virtualization (RHSA-2020:5179)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5179 advisory. The org.ovirt.engine-root is a core component of oVirt. The following packages have been upgraded to a later upstream version: engine-db-que...

8.1CVSS7.3AI score0.05213EPSS
Exploits2References50
RedHat Linux
RedHat Linux
added 2020/10/27 4:22 p.m.124 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update

An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.7CVSS7.8AI score0.99019EPSS
Exploits30References22
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/01 9:23 p.m.58 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js (CVE-2020-8203)

Summary Security Vulnerabilities affect IBM Cloud Pak for Data - Node.js CVE-2020-8203 Vulnerability Details Third Party Entry: 183560 DESCRIPTION: Node.js lodash module denial of service CVSS Base score: 7.5 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/183560 fo...

7.4CVSS1.2AI score0.05213EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2020/09/23 4:12 p.m.115 views

Moderate: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.4CVSS6.6AI score0.99019EPSS
Exploits12References41
RedHat Linux
RedHat Linux
added 2020/08/06 8:19 p.m.80 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh security update

An update is now available for OpenShift Service Mesh 1.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links ...

7.5CVSS7.2AI score0.8383EPSS
Exploits14References6
RedhatCVE
RedhatCVE
added 2020/07/15 8:8 p.m.64 views

CVE-2020-8203

A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability...

5.8CVSS6.5AI score0.05213EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2020/07/15 7:15 p.m.4 views

@braneframe/plugin-github (>=0.1.53-main.0b45885 <=0.6.7-staging.e9eb1ed), @dxos/plugin-github (>=0.6.8 <=0.7.4-staging.f7e8224) +26 more potentially affected by CVE-2020-8203 via lodash.update (=4.10.2)

lodash.update NPM version =4.10.2 is affected by a known vulnerability. The following packages have a transitive dependency on lodash.update and may be impacted: - @braneframe/plugin-github =0.1.53-main.0b45885, =0.6.8, =0.2.19, =0.0.1, =5.5.0, =22.1.0, =5.2.0, =4.0.0, =1.0.0, =1.12.0, =1.0.0,...

7.4CVSS6.8AI score0.05213EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/07/15 7:15 p.m.5 views

0-dd-trace-init-first-production (>=1.0.0 <=1.0.1), 0.extends.wechat (>=1.0.51 <=1.0.65) +14394 more potentially affected by CVE-2020-8203 via lodash.pick (>=4.0.1 <=4.4.0)

lodash.pick NPM version =4.0.1, =1.0.0, =1.0.51, =1.0.3, =1.0.0, =1.0.0, =4.11.0, =1.0.0, =1.0.1-6.1, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2020-8203 Source advisory: OSV:GHSA-P6MC-M468-83GW...

7.4CVSS6.7AI score0.05213EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/07/15 7:15 p.m.5 views

@across-ui/example (>=0.0.1-alpha.4 <=0.0.4-alpha.5), @agreejs/api (>=0.0.1 <=3.2.14) +709 more potentially affected by CVE-2020-8203 via lodash-es (>=4.0.0 <=4.17.2)

lodash-es NPM version =4.0.0, =0.0.1-alpha.4, =0.0.1, =0.0.2, =3.2.1, =3.2.1, =3.2.1, =0.0.1, =3.2.1, =3.2.1, =0.3.14, =0.4.63, =0.1.1, =0.5.23 and more Source cves: CVE-2020-8203 Source advisory: OSV:GHSA-P6MC-M468-83GW...

7.4CVSS6.7AI score0.05213EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/07/15 7:15 p.m.4 views

0-logger (>=1.1.0 <=1.1.1), 0xsodium (>=0.2.0 <=0.14.0) +9313 more potentially affected by CVE-2020-8203 via lodash.set (>=3.7.4 <=4.3.2)

lodash.set NPM version =3.7.4, =1.1.0, =0.2.0, =2.0.0, =1.1.0, =1.0.0, =1.0.1, =4.11.0, =4.11.46 - 88slot-ap =1.0.0 and more Source cves: CVE-2020-8203 Source advisory: OSV:GHSA-P6MC-M468-83GW...

7.4CVSS6.7AI score0.05213EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/07/15 7:15 p.m.5 views

10by10-react-app (=1.2.1), 1k-utils (>=1.0.0 <=1.0.1) +14517 more potentially affected by CVE-2020-8203 via lodash (>=3.7.0 <=4.17.18)

lodash NPM version =3.7.0, =1.0.0, =0.0.2, =0.1.1, =3.0.2, =1.0.0, =0.2.0, =0.1.0, =0.1.0, =1.0.23, =4.11.0, =0.0.1, =0.2.1, =0.3.44 and more Source cves: CVE-2020-8203 Source advisory: OSV:GHSA-P6MC-M468-83GW...

7.4CVSS6.7AI score0.05213EPSS
Exploits1
Rows per page
Query Builder