Lucene search
+L

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/11/09 6:16 p.m.24 views

Security Bulletin: A security vulnerability in Node.js pac-resolver module affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in Node.js pac-resolver module affects IBM Cloud Pak for Multicloud Management Managed Services. Vulnerability Details CVEID: CVE-2021-23406 DESCRIPTION: Node.js pac-resolver module could allow a remote attacker to execute arbitrary code on the system, caused by a...

9.8CVSS1.9AI score0.02863EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/20 10:28 a.m.20 views

Security Bulletin: IBM App Connect Enterprise Certified Container Integration Servers may be vulnerable to code injection due to CVE-2021-23406

Summary IBM App Connect Enterprise Certified Container Integration Servers may be vulnerable to code injection due to CVE-2021-23406 Vulnerability Details CVEID: CVE-2021-23406 DESCRIPTION: Node.js pac-resolver module could allow a remote attacker to execute arbitrary code on the system, caused b...

9.8CVSS1.7AI score0.02863EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/16 6:12 p.m.24 views

Security Bulletin: A security vulnerability in Node.js pac-resolver module affects IBM Cloud Automation Manager

Summary A security vulnerability in Node.js pac-resolver module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-23406 DESCRIPTION: Node.js pac-resolver module could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe PAC file handling. ...

9.8CVSS2.4AI score0.02863EPSS
Exploits1Affected Software1
The Hacker News
The Hacker News
added 2021/09/13 1:48 p.m.40 views

Critical Bug Reported in NPM Package With Millions of Downloads Weekly

A widely used NPM package called 'Pac-Resolver' for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent. The flaw, tracked ...

9.8CVSS9.2AI score0.02863EPSS
Exploits1
Circl
Circl
added 2021/08/24 12:23 p.m.6 views

CVE-2021-23406

creationtimestamp| type| source ---|---|--- 2021-08-24 12:23:46+00:00| seen| https://t.me/cibsecurity/27756 2021-09-13 15:55:18+00:00| seen| https://t.me/thehackernews/1508...

9.8CVSS8.9AI score0.02863EPSS
Exploits1References2
NVD
NVD
added 2021/08/24 8:15 a.m.14 views

CVE-2021-23406

This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...

9.8CVSS0.02863EPSS
Exploits1References5
CVE
CVE
added 2021/08/24 7:45 a.m.98 views

CVE-2021-23406

Technical details about CVE-2021-23406 are not provided in the connected documents. Public details appear limited to the initial description. Monitor for updates from official advisories.

9.8CVSS8.8AI score0.02863EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/24 7:43 a.m.3 views

CVE-2021-23406

This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...

9.8CVSS5.4AI score0.02863EPSS
Exploits1References6
Rows per page
Query Builder