8 matches found
Security Bulletin: A security vulnerability in Node.js pac-resolver module affects IBM Cloud Pak for Multicloud Management Managed Services
Summary A security vulnerability in Node.js pac-resolver module affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details CVEID: CVE-2021-23406 DESCRIPTION: Node.js pac-resolver module could allow a remote attacker to execute arbitrary code on the system, caused by a...
Security Bulletin: IBM App Connect Enterprise Certified Container Integration Servers may be vulnerable to code injection due to CVE-2021-23406
Summary IBM App Connect Enterprise Certified Container Integration Servers may be vulnerable to code injection due to CVE-2021-23406 Vulnerability Details CVEID: CVE-2021-23406 DESCRIPTION: Node.js pac-resolver module could allow a remote attacker to execute arbitrary code on the system, caused b...
Security Bulletin: A security vulnerability in Node.js pac-resolver module affects IBM Cloud Automation Manager
Summary A security vulnerability in Node.js pac-resolver module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-23406 DESCRIPTION: Node.js pac-resolver module could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe PAC file handling. ...
Critical Bug Reported in NPM Package With Millions of Downloads Weekly
A widely used NPM package called 'Pac-Resolver' for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent. The flaw, tracked ...
CVE-2021-23406
creationtimestamp| type| source ---|---|--- 2021-08-24 12:23:46+00:00| seen| https://t.me/cibsecurity/27756 2021-09-13 15:55:18+00:00| seen| https://t.me/thehackernews/1508...
CVE-2021-23406
This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...
CVE-2021-23406
Technical details about CVE-2021-23406 are not provided in the connected documents. Public details appear limited to the initial description. Monitor for updates from official advisories.
CVE-2021-23406
This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...