Lucene search
+L

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/10/19 9:11 p.m.50 views

Security Bulletin: IBM Security QRadar Analyst Workflow app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2021-44906 DESCRIPTION: Node.js Minimist module could allow a remote attacker to execute...

9.8CVSS9.2AI score0.04581EPSS
Exploits7Affected Software1
vulnersOsv
vulnersOsv
added 2021/03/18 7:39 p.m.4 views

4talent-questions-shortlist (=1.3.3), @42.nl/ui (>=1.0.7 <=1.0.9) +635 more potentially affected by CVE-2021-23346 via html-parse-stringify2 (>=1.2.1 <=2.0.1)

html-parse-stringify2 NPM version =1.2.1, =1.0.7, =5.0.1, =0.1.0, =1.0.0, =0.2.0-alpha.1, =0.1.2, =0.9.9, =0.9.9, =6.3.0, =3.6.0, =0.3.1, =0.1.0, =0.3.0 and more Source cves: CVE-2021-23346 Source advisory: OSV:GHSA-545Q-3FG6-48M7...

5.3CVSS6.6AI score0.02217EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2021/03/18 7:39 p.m.6 views

@amoy/query-components (>=1.0.0 <=1.0.8), @cortezaproject/corteza-ext-renderer (>=2020.3.0 <=2020.12.0) +46 more potentially affected by CVE-2021-23346 via html-parse-stringify (>=1.0.1 <=1.0.3)

html-parse-stringify NPM version =1.0.1, =1.0.0, =2020.3.0, =2020.3.0-rc.8, =0.3.0, =4.0.0, =2.0.7, =4.0.22, =3.0.4, =14.10.3, =1.0.0, =1.0.0, =6.9.17, =1.0.0, =3.0.0-rc.2 and more Source cves: CVE-2021-23346 Source advisory: OSV:GHSA-545Q-3FG6-48M7...

5.3CVSS6.7AI score0.02217EPSS
Exploits1
OSV
OSV
added 2021/03/04 5:15 p.m.13 views

CVE-2021-23346

This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...

5.3CVSS5.2AI score
Exploits0References6
CVE
CVE
added 2021/03/04 4:55 p.m.105 views

CVE-2021-23346

CVE-2021-23346 affects Node.js packages html-parse-stringify and html-parse-stringify2. The vulnerability is a Regular Expression DoS (ReDoS) due to backtracking in parsing regex, which can cause the process to freeze and lead to a denial of service. IBM IBM Cloud Pak for Security CP4S versions 1...

5.3CVSS5.4AI score0.02217EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2021/03/04 4:55 p.m.45 views

CVE-2021-23346 Regular Expression Denial of Service (ReDoS)

This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process...

4.8CVSS5.9AI score0.02217EPSS
Exploits1References6
Rows per page
Query Builder