Lucene search
K

49 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2022-0235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor CVE-2022-0235 Note that Nessus relies on the presence of the package as...

8.8CVSS7.3AI score0.01646EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.27 views

RHEL 8 : grafana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs-underscore: Arbitrary code execution via the template function CVE-2021-23358 - node-fetch is...

7.5CVSS8.2AI score0.04087EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.73 views

RHEL 8 : grafana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - grafana: session control failure may lead to information disclosure CVE-2022-32275 - protobufjs: prototyp...

9.8CVSS7.8AI score0.08537EPSS
Exploits6References16
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 8 : node-fetch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-0235 Note that Nessus has not teste...

6.9AI score0.01646EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/28 3:34 p.m.76 views

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Workspace. IBM Planning Analytics Workspace 2.0 Release 94 has addressed the applicable CVEs by upgrading or removing the vulnerable libraries. Please refer to the table in the...

10CVSS9.3AI score0.99999EPSS
Exploits22Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/05 12:46 p.m.47 views

Security Bulletin:Multiple Vulnerabilities found in Turf.js which is shipped with IBM® Intelligent Operations Center(CVE-2020-15168, CVE-2022-0235)

Summary Multiple vulnerabilities have been identified in Turf.js which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...

8.8CVSS7.7AI score0.01692EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/06/13 12:0 a.m.41 views

Ubuntu 18.04 ESM / 20.04 LTS : Node Fetch vulnerability (USN-6158-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6158-1 advisory. It was discovered that Node Fetch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted...

8.8CVSS7.5AI score0.01646EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 7:55 p.m.32 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Node.js (CVE-2022-0235,CVE-2020-15168)

Summary Multiple vulnerabilities in Node.js used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2022-0235 DESCRIPTION: Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url with...

8.8CVSS7.4AI score0.01692EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 12:7 p.m.265 views

Security Bulletin: A security vulnerability in Node.js node-fetch module affects IBM Cloud Automation Manager

Summary A security vulnerability in Node.js node-fetch module affects IBM Cloud Automation Manager. Vulnerability Details CVEID:CVE-2022-0235 DESCRIPTION: Node.js node-fetch could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when fetching a remote url wi...

6.1CVSS7.5AI score0.01646EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/04/12 3:4 p.m.60 views

Important: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.2AI score0.24928EPSS
Exploits11References19
Tenable Nessus
Tenable Nessus
added 2023/04/12 12:0 a.m.36 views

RHEL 8 : nodejs:14 (RHSA-2023:1742)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1742 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.7AI score0.24928EPSS
Exploits11References36
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/04 6:22 p.m.43 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-0235 DESCRIPTION: Node.js...

8.8CVSS7.1AI score0.05664EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2023/02/06 7:42 p.m.66 views

Moderate: Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update

An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

9.8CVSS7AI score0.14663EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.127 views

AlmaLinux 8 : nodejs:14 (ALSA-2023:0050)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0050 advisory. minimist: prototype pollution CVE-2021-44906 node-fetch: exposure of sensitive information to an unauthorized actor CVE-2022-0235 nodejs-minimatch: ReDoS...

9.8CVSS7.1AI score0.14663EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2023/01/09 2:55 p.m.83 views

Moderate: Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update

An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.14663EPSS
Exploits4References7
OSV
OSV
added 2023/01/09 2:24 p.m.32 views

RLSA-2023:0050 Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.1, nodejs-nodemon 2.0.20. Security Fixes: minimist: prototype pollution...

9.8CVSS8.8AI score0.14663EPSS
Exploits4References7
OSV
OSV
added 2023/01/09 12:0 a.m.49 views

ALSA-2023:0050 Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.1, nodejs-nodemon 2.0.20. Security Fixes: minimist: prototype pollution...

9.8CVSS8.8AI score0.14663EPSS
Exploits4References12
AlmaLinux
AlmaLinux
added 2023/01/09 12:0 a.m.120 views

Moderate: nodejs:14 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 14.21.1, nodejs-nodemon 2.0.20. Security Fixes: minimist: prototype pollution...

9.8CVSS8.4AI score0.14663EPSS
Exploits4References12
Tenable Nessus
Tenable Nessus
added 2023/01/09 12:0 a.m.77 views

Oracle Linux 8 : nodejs:14 (ELSA-2023-0050)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0050 advisory. - Apply upstream fix for CVE-2022-24999 Resolves: CVE-2022-24999 - Record CVEs fixed by current or previous upstream releases Resolves: CVE-2021-44906...

9.8CVSS7.2AI score0.14663EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2023/01/09 12:0 a.m.44 views

CentOS 8 : nodejs:14 (CESA-2023:0050)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0050 advisory. - Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906 - node-fetch is vulnerable to...

9.8CVSS7.1AI score0.14663EPSS
Exploits4References6
Rows per page
Query Builder