Lucene search
+L

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/10/11 2:46 p.m.37 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to Improper Input Validation due to electron (CVE-2022-29257)

Summary IBM App Connect Enterprise is vulnerable to Improper Input Validation due to electron CVE-2022-29257. Electron is used for Discovery Connectors in IBM App Connect Enterprise. The latest fix pack includes electron 19.0.10. Vulnerability Details CVEID:CVE-2022-29257 DESCRIPTION: Node.js...

7.2CVSS6.9AI score0.0085EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/06/16 11:18 p.m.3 views

0.app1 (=1.0.52), 0.edsql (>=1.0.49 <=1.0.50) +336 more potentially affected by CVE-2022-29257 via electron (>=0.1.2 <=15.3.7)

electron NPM version =0.1.2, =1.0.49, =1.0.49, =1.0.49, =1.0.0, =4.0.23, =0.0.73, =3.0.0, =2.10.0, =2.18.0-dev.10 and more Source cves: CVE-2022-29257 Source advisory: OSV:GHSA-77XC-HJV8-WW97...

7.2CVSS7AI score0.0085EPSS
Exploits0
Circl
Circl
added 2022/06/14 2:18 a.m.5 views

CVE-2022-29257

creationtimestamp| type| source ---|---|--- 2022-06-14 02:18:21+00:00| seen| https://t.me/cibsecurity/44349...

7.2CVSS7AI score0.0085EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/06/13 9:25 p.m.7 views

CVE-2022-29257 Electron's AutoUpdater module fails to validate certain nested components of the bundle

Electron is a framework for writing cross-platform desktop applications using JavaScript JS, HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafte...

6.6CVSS7AI score0.0085EPSS
Exploits0References1
Rows per page
Query Builder