Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-8244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in...

6.5CVSS7.3AI score0.02183EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/06 6:2 p.m.22 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js bl modules denial of service vulnerability( CVE-2020-8244) and GNU Tar buffer overflow vulnerability( CVE-2022-48303)

Summary Potential Node.js bl modules denial of service vulnerability CVE-2020-8244 and GNU Tar buffer overflow vulnerability CVE-2022-48303 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details...

6.5CVSS7.2AI score0.04524EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 5:32 p.m.28 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume function. By sending a specially-crafte...

6.5CVSS7.4AI score0.02183EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.27 views

Ubuntu 18.04 LTS : bl vulnerability (USN-5098-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5098-1 advisory. It was discovered that bl didn't properly sanitize the inputs. An attacker could use this to leak sensitive information. Tenable has extracted the preceding...

6.5CVSS7.2AI score0.02183EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/07/01 12:0 a.m.35 views

Debian DLA-2698-1 : node-bl - LTS security update

The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2698 advisory. - A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume...

6.5CVSS7.4AI score0.02183EPSS
Exploits1References5
Debian
Debian
added 2021/06/30 10:11 p.m.32 views

[SECURITY] [DLA 2698-1] node-bl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2698-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 01, 2021 https://wiki.debian.org/LTS -...

6.5CVSS6.8AI score0.02183EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2020/11/26 9:42 p.m.20 views

Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager.

Summary A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer over-read flaw in the consume function. By sendin...

6.5CVSS1.2AI score0.02183EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/29 6:27 p.m.21 views

Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability

Summary Security Bulletin: Version 4.0.2 of Node.js module bl included in IBM Netcool Operations Insight 1.6.1.x has a security vulnerability Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a buffer...

6.5CVSS1.2AI score0.02183EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/28 5:58 p.m.19 views

Security Bulletin: App Connect Enterprise Certified Container is vulnerable to (CVE-2020-8244)

Summary App Connect Enterprise Certified Container is vulnerable to a Denial of Service attack or an attack for sensitive information CVE-2020-8244 Vulnerability Details CVEID: CVE-2020-8244 DESCRIPTION: Node.js bl module could allow a remote attacker to obtain sensitive information, caused by a...

6.5CVSS1AI score0.02183EPSS
Exploits1Affected Software1
Node.js
Node.js
added 2020/09/08 6:24 p.m.25 views

Remote Memory Exposure

Overview A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1 2.2.1 and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory v...

6.8AI score0.02183EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2020/09/02 3:26 p.m.7 views

@cowlick/analyzer (>=0.10.0 <=0.11.0), @cowlick/kag-compiler (>=0.10.0 <=0.11.0) +1 more potentially affected by CVE-2020-8244 via bl (=3.0.0)

bl NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.10.0, =0.10.0, =1.0.0, =1.0.3 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...

6.5CVSS6.7AI score0.02183EPSS
Exploits1
OSV
OSV
added 2020/08/30 3:15 p.m.1 views

DEBIAN-CVE-2020-8244

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS6.7AI score0.02183EPSS
Exploits1References1
OSV
OSV
added 2020/08/30 3:15 p.m.18 views

CVE-2020-8244

A buffer over-read vulnerability exists in bl 4.0.3, 3.0.1, 2.2.1, and 1.2.3 which could allow an attacker to supply user input even typed that if it ends up in consume argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via...

6.5CVSS6.7AI score
Exploits0References2
Rows per page
Query Builder