Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 5:28 p.m.48 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-24772 DESCRIPTION: Node.js node-forge module could allow a remote attacker to bypass security restrictions, caused by improper signature verification when checking for tailing garbage byt...

7.5CVSS7.4AI score0.01015EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/03/15 5:28 p.m.17 views

Security Bulletin: A security vulnerability in Node.js node-forge module affects IBM Cloud Automation Manager

Summary A security vulnerability in Node.js node-forge module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2022-0122 DESCRIPTION: Node.js node-forge could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could...

6.1CVSS6.4AI score0.00832EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/01 10:33 a.m.23 views

Security Bulletin: IBM App Connect Enterprise Certified Container Designer flows containing GMail connectors maybe vulnerable to URL redirection to untrusted sites due to CVE-2022-0122

Summary The Node.js module node-forge is used internally by the GMail connector, both as an action connector and an event connector. IBM App Connect Enterprise Certified Container Designer flows containing GMail connectors maybe vulnerable to URL redirection to untrusted sites. This bulletin...

6.1CVSS6.3AI score0.00832EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2022/01/21 11:36 p.m.10 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 00ld8nuivn (=2.1.0) +40711 more potentially affected by CVE-2022-0122 via node-forge (>=0.10.0 <=0.9.2)

node-forge NPM version =0.10.0, =1.0.1, =1.1.0 - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 0726react =0.1.1 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 - 0850u4lkp...

6.1CVSS6.3AI score0.00832EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/08 12:22 a.m.7 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 00ld8nuivn (=2.1.0) +40711 more potentially affected by CVE-2022-0122 via node-forge (>=0.10.0 <=0.9.2)

node-forge NPM version =0.10.0, =1.0.1, =1.1.0 - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 0726react =0.1.1 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 - 0850u4lkp...

6.1CVSS6.3AI score0.00832EPSS
Exploits1
NVD
NVD
added 2022/01/06 5:15 a.m.7 views

CVE-2022-0122

forge is vulnerable to URL Redirection to Untrusted Site...

6.1CVSS0.00832EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/01/06 5:0 a.m.15 views

CVE-2022-0122 Open Redirect in digitalbazaar/forge

forge is vulnerable to URL Redirection to Untrusted Site...

5.3CVSS6.4AI score0.00832EPSS
Exploits1References2
CVE
CVE
added 2022/01/06 5:0 a.m.101 views

CVE-2022-0122

CVE-2022-0122 — The initial description notes that the Forge (node-forge) library is vulnerable to URL Redirection to Untrusted Site. The connected documents confirm this CVE is present in the Forge project, with a reference to a Forge commit that relates to the issue, but there are no explicit p...

6.1CVSS5.8AI score0.00832EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/01/06 5:0 a.m.18 views

CVE-2022-0122 Open Redirect in digitalbazaar/forge

forge is vulnerable to URL Redirection to Untrusted Site...

5.3CVSS5.7AI score0.00832EPSS
Exploits1References4
Rows per page
Query Builder