Lucene search
+L

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-25887

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service ReDoS due to insecure global regular expression replacement logic ...

7.5CVSS6.7AI score0.0115EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/07 10:21 a.m.28 views

Security Bulletin: Denial of Service vulnerability affects IBM Business Automation Workflow - CVE-2022-25887

Summary IBM Business Automation Workflow is vulnerable to a Denial of Service attack. Vulnerability Details CVEID:CVE-2022-25887 DESCRIPTION: Node.js sanitize-html module is vulnerable to a denial of service, caused by insecure global regular expression replacement logic of HTML comment removal. ...

7.5CVSS6.2AI score0.0115EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 5:26 p.m.25 views

Security Bulletin: IBM App Connect Enterprise Certified Container Dashboards may be vulnerable to denial of service due to CVE-2022-25887

Summary Node.js module sanitize-html is used internally by IBM App Connect Enterprise Certified Container for parsing error messages. IBM App Connect Enterprise Certified Container Dashboards may be vulnerable to denial of service when processing error messages. This bulletin provides patch...

7.5CVSS6.2AI score0.0115EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2022/11/02 2:5 p.m.191 views

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS6.6AI score0.04923EPSS
Exploits2References9
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/13 10:18 p.m.41 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Node.js. Vulnerability Details CVEID:CVE-2022-25887 DESCRIPTION: Node.js sanitize-html module is vulnerable to a denial of service, caused by insecure global regular expression replacement logic of HTML comme...

7.5CVSS6.5AI score0.04923EPSS
Exploits3Affected Software1
vulnersOsv
vulnersOsv
added 2022/08/31 12:0 a.m.7 views

08cms (=1.0.0), 10secondsofcode-custom (=1.0.0) +6405 more potentially affected by CVE-2022-25887 via sanitize-html (>=0.1.4 <=2.7.0)

sanitize-html NPM version =0.1.4, =1.0.0, =0.15.4, =4.11.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =0.0.74, =0.0.14, =0.0.1, =0.0.1, =0.6.0, =3.0.19, =3.0.25 and more Source cves: CVE-2022-25887 Source advisory: OSV:GHSA-CGFM-XWP7-2CVR...

7.5CVSS6.7AI score0.0115EPSS
Exploits0
NVD
NVD
added 2022/08/30 5:15 a.m.12 views

CVE-2022-25887

The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service ReDoS due to insecure global regular expression replacement logic of HTML comment removal...

7.5CVSS0.0115EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2022/08/30 5:0 a.m.30 views

CVE-2022-25887

The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service ReDoS due to insecure global regular expression replacement logic of HTML comment removal...

7.5CVSS6.2AI score0.0115EPSS
Exploits0
Cvelist
Cvelist
added 2022/08/30 5:0 a.m.23 views

CVE-2022-25887 Regular Expression Denial of Service (ReDoS)

The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service ReDoS due to insecure global regular expression replacement logic of HTML comment removal...

5.3CVSS7.5AI score0.0115EPSS
Exploits0References4
CVE
CVE
added 2022/08/30 5:0 a.m.230 views

CVE-2022-25887

CVE-2022-25887 affects the Node.js package Sanitize-html up to version 2.7.1, vulnerable to a Regular Expression Denial of Service (ReDoS) caused by insecure global regex replacement during HTML comment removal. The NVD entry reports a CVSS v3.1 base score of 7.5 (high impact) with network attack...

7.5CVSS6.1AI score0.0115EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder