9 matches found
Security Bulletin: Open Source Dependency Vulnerability
Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-24772 DESCRIPTION: Node.js node-forge module could allow a remote attacker to bypass security restrictions, caused by improper signature verification when checking for tailing garbage byt...
Security Bulletin: A security vulnerability in Node.js node-forge module affects IBM Cloud Automation Manager
Summary A security vulnerability in Node.js node-forge module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2022-0122 DESCRIPTION: Node.js node-forge could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could...
Security Bulletin: IBM App Connect Enterprise Certified Container Designer flows containing GMail connectors maybe vulnerable to URL redirection to untrusted sites due to CVE-2022-0122
Summary The Node.js module node-forge is used internally by the GMail connector, both as an action connector and an event connector. IBM App Connect Enterprise Certified Container Designer flows containing GMail connectors maybe vulnerable to URL redirection to untrusted sites. This bulletin...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 00ld8nuivn (=2.1.0) +40711 more potentially affected by CVE-2022-0122 via node-forge (>=0.10.0 <=0.9.2)
node-forge NPM version =0.10.0, =1.0.1, =1.1.0 - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 0726react =0.1.1 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 - 0850u4lkp...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 00ld8nuivn (=2.1.0) +40711 more potentially affected by CVE-2022-0122 via node-forge (>=0.10.0 <=0.9.2)
node-forge NPM version =0.10.0, =1.0.1, =1.1.0 - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 0726react =0.1.1 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 - 0850u4lkp...
CVE-2022-0122
forge is vulnerable to URL Redirection to Untrusted Site...
CVE-2022-0122 Open Redirect in digitalbazaar/forge
forge is vulnerable to URL Redirection to Untrusted Site...
CVE-2022-0122
CVE-2022-0122 — The initial description notes that the Forge (node-forge) library is vulnerable to URL Redirection to Untrusted Site. The connected documents confirm this CVE is present in the Forge project, with a reference to a Forge commit that relates to the issue, but there are no explicit p...
CVE-2022-0122 Open Redirect in digitalbazaar/forge
forge is vulnerable to URL Redirection to Untrusted Site...