Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 6:53 p.m.37 views

Security Bulletin: IBM QRadar Assistant app for IBM QRadar SIEM includes components with multiple known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerabilities. Vulnerability Details CVEID:CVE-2021-42581 DESCRIPTION: Ramda could allow a remote attacker t...

9.1CVSS8.8AI score0.2241EPSS
Exploits14Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 5:35 p.m.26 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-2596

Summary Node.js module node-fetch is used by IBM App Connect Enterprise Certified Container for some HTTP calls. IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability...

5.9CVSS5.8AI score0.01126EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2022/08/02 12:0 a.m.3 views

4i18n-cli (>=0.0.2 <=0.0.7), @about7sharks/get-articles (>=0.0.1 <=0.0.22) +114 more potentially affected by CVE-2022-2596 via node-fetch (>=3.0.0 <=3.2.1)

node-fetch NPM version =3.0.0, =0.0.2, =0.0.1, =1.1.0, =1.273.2, =1.0.0, =7.0.0, =2.14.0, =0.9.0, =0.10.1, =0.5.1, =0.7.0 and more Source cves: CVE-2022-2596 Source advisory: OSV:GHSA-VP56-6G26-6827...

5.9CVSS6.5AI score0.01126EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2022/08/01 3:15 p.m.369 views

CVE-2022-2596

Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...

5.9CVSS6.5AI score0.01126EPSS
Exploits1References5
OSV
OSV
added 2022/08/01 2:13 p.m.23 views

CVE-2022-2596 Inefficient Regular Expression Complexity in node-fetch/node-fetch

Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...

5.9CVSS6.2AI score0.01126EPSS
Exploits1References4
CVE
CVE
added 2022/08/01 2:13 p.m.109 views

CVE-2022-2596

CVE-2022-2596 affects node-fetch/node-fetch prior to 3.2.10, where an inefficient regular expression can lead to denial of service. The root cause is a ReDoS in isOriginPotentiallyTrustworthy() within referrer.js. Public advisories (GitHub GHSA) confirm the vulnerability and indicate the fix is t...

5.9CVSS6.2AI score0.01126EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/08/01 2:13 p.m.39 views

CVE-2022-2596 Inefficient Regular Expression Complexity in node-fetch/node-fetch

Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10...

5.9CVSS5.8AI score0.01126EPSS
Exploits1References2
Rows per page
Query Builder