Lucene search
K

47 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.21 views

CentOS 9 : nodejs-16.16.0-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.16.0-1.el9 build changelog. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs...

9.8CVSS7.1AI score0.81464EPSS
Exploits13References19
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.29 views

Rocky Linux 8 : nodejs:16 (RLSA-2021:5171)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5171 advisory. - This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...

9.8CVSS7.2AI score0.04456EPSS
Exploits6References15
OpenVAS
OpenVAS
added 2023/06/22 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.68603EPSS
Exploits9References19
OSV
OSV
added 2023/06/21 11:49 a.m.10 views

SUSE-SU-2023:2578-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: bind: - Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro - There are no source changes dracut-saltboot: - Update to version 0.1.1681904360.84ef141 Load network configuration even when missing protocol version bsc1210640...

9.8CVSS7.8AI score0.68603EPSS
Exploits9References32
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:44 a.m.41 views

Security Bulletin: IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below.

Summary IBM Edge Application Manager 4.5 addresses the security vulnerability listed in the CVE below. Vulnerability Details CVEID:CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of objec...

9.8CVSS9.8AI score0.03563EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.42 views

Ubuntu 18.04 LTS / 20.04 LTS : JSON Schema vulnerability (USN-6103-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6103-1 advisory. It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted...

9.8CVSS7.6AI score0.03563EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:58 p.m.52 views

Security Bulletin: IBM Process Mining is vulnerable to Prototype Pollution due to json-schema CVE-2021-3918

Summary json-schema is used by IBM Process Mining. CVE-2021-3918. The fix includes json-schema 0.4.0 Vulnerability Details CVEID:CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of object...

9.8CVSS9.8AI score0.03563EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/12 5:19 p.m.76 views

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

9.8CVSS9.8AI score0.05299EPSS
Exploits4Affected Software1
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2022-0463)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.03563EPSS
Exploits1References4
Debian
Debian
added 2022/12/06 7:15 p.m.42 views

[SECURITY] [DLA 3228-1] node-json-schema security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-3228-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 07, 2022 https://wiki.debian.org/LTS -...

9.8CVSS9.7AI score0.03563EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/14 2:18 a.m.50 views

Security Bulletin: Vulnerability in Json-schema library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2021-3918)

Summary Json-schema is used by Tivoli Netcool/OMNIbus WebGUI as part of its web client component CVE-2021-3918. Vulnerability Details CVEID: CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modificatio...

9.8CVSS2.5AI score0.03563EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/17 9:6 a.m.38 views

Security Bulletin: IBM Integration Bus is vulnerable to arbitrary code execution due to json-schema (CVE-2021-3918)

Summary IBM Integration Bus is vulnerable to arbitrary code execution due to json-schema. The fix includes json-schema 0.4.0. Vulnerability Details CVEID: CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controll...

9.8CVSS3.2AI score0.03563EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2022/05/18 12:0 a.m.24 views

openSUSE: Security Advisory for nodejs10 (SUSE-SU-2022:1717-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.21514EPSS
Exploits6References2
OSV
OSV
added 2022/05/17 3:43 p.m.11 views

SUSE-SU-2022:1717-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe bsc1192153. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite bsc1191963. - CVE-2021-32804: Fixed...

9.8CVSS8.3AI score0.21514EPSS
Exploits6References19
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/07 3:42 a.m.85 views

Security Bulletin: Vulnerability in json4j - CVE-2021-3918 (Publicly disclosed vulnerability) impacts IBM Watson Machine Learning Accelerator

Summary Json4j is used IBM Watson Machine Learning Accelerator. This bulletin provides mitigations for the addressable vulnerability CVE-2021-3918 by upgrading addressable to latest version. Vulnerability Details CVEID: CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execu...

9.8CVSS1.7AI score0.03563EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/12 12:0 a.m.54 views

AlmaLinux 8 : nodejs:14 (ALSA-2022:0350)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0350 advisory. nodejs-json-schema: Prototype pollution vulnerability CVE-2021-3918 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-7788 nodejs-glob-paren...

9.8CVSS7.3AI score0.04456EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2022/03/12 12:0 a.m.44 views

AlmaLinux 8 : nodejs:16 (ALSA-2021:5171)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:5171 advisory. nodejs-json-schema: Prototype pollution vulnerability CVE-2021-3918 nodejs-ini: Prototype pollution via malicious INI file CVE-2020-7788 nodejs-glob-paren...

9.8CVSS7.1AI score0.04456EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.29 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2022:0704-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.38 views

openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2022:0715-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.2AI score0.15014EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/03/05 12:0 a.m.47 views

openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2022:0704-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0704-1 advisory. - All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and...

9.8CVSS7.3AI score0.15014EPSS
Exploits4References16
Rows per page
Query Builder