Lucene search
K

16 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 4:30 p.m.4 views

Security Bulletin: IBM Storage Fusion Data Foundation is affected DOS caused by specially crafted regex or prototype pollution flaw (CVE-2022-37599, CVE-2022-37603, CVE-2022-37601)

Summary IBM Storage Fusion Data Foundation is used by IBM Storage Fusion Data Foundation. The application server takes input and crafted regex can cause the exploit to Denial of service. CVE-2022-37599, CVE-2022-37603, CVE-2022-37601. Vulnerability Details CVEID:CVE-2022-37599 DESCRIPTION:...

9.8CVSS7.9AI score0.02601EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2022-37599

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath...

7.5CVSS7.1AI score0.0204EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 7 : loader-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A Regular...

8.1AI score0.02601EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 6 : loader-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A Regular...

9.2AI score0.02601EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2024/02/28 12:0 a.m.27 views

Fedora: Security Advisory (FEDORA-2024-28fc0c2ef4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.02542EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2024/02/28 12:0 a.m.34 views

Fedora: Security Advisory for yarnpkg (FEDORA-2024-5ecc250449)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.02542EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/29 9:45 p.m.41 views

Security Bulletin: IBM Storage Fusion and IBM Storage Fusion HCI may vulnerable to denial of service, spoofing attacks via dependent JavaScript libraries (CVE-2021-23440, CVE-2018-25031, CVE-2022-46175, CVE-2022-37599, CVE-2022-37603)

Summary IBM Storage Fusion and IBM Storage Fusion HCI, previously known as Spectrum Fusion and Spectrum Fusion HCI, may be affected by vulnerabilities in set-value Node.js, swagger-ui, JSON5, webpack/loader-utils. Vulnerabilities include access of resources using improper type leading to denial o...

9.8CVSS8.3AI score0.42326EPSS
Exploits7Affected Software1
RedhatCVE
RedhatCVE
added 2023/05/23 10:40 a.m.46 views

CVE-2022-37599

A flaw was found in the interpolateName function in interpolateName.js in the webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js. This flaw can lead to a regular expression denial of service ReDoS. Mitigation Mitigation for this issue is either not available or the...

7.5CVSS7.1AI score0.0204EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/22 2:23 p.m.57 views

Security Bulletin: There are multiple vulnerabilites that affect IBM Engineering Requirements Quality Assistant On-Premises

Summary IBM Engineering Requirements Quality Assistant On-Premises affected by multiple vulnerabilities due to which an attacker could exploit this vulnerability to execute arbitrary code on the system and cause the application to crash cause a denial of service condition on the system. This...

9.8CVSS9.3AI score0.14663EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:46 p.m.29 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-37599 DESCRIPTION: loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the interpolateName.js script. By sending...

7.5CVSS8.1AI score0.0204EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 6:31 p.m.43 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: webpack loader-utils could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the parseQuery function in...

9.8CVSS9.1AI score0.02601EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/03 9:16 a.m.45 views

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to loader-utils CVE-2022-37599

Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to denial of service due to loader-utils CVE-2022-37599 with details below Vulnerability Details CVEID:CVE-2022-37599 DESCRIPTION: loader-utils is vulnerable to a denial of service, caused by a regular expression denial of...

7.5CVSS8.1AI score0.0204EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/10/12 12:0 p.m.5 views

@alfresco/adf-testing (=6.0.0-A.2-8258), @angular-architects/build-angular (=14.2.0-next.0) +54 more potentially affected by CVE-2022-37599 via loader-utils (>=3.0.0 <=3.2.0)

loader-utils NPM version =3.0.0, =0.9.2, =13.0.0, =1.0.0, =1.3.1, =13.0.0-rc.18, =3.9.0, =13.0.0, =0.1.0, =1.7.4, =4.7.1-beta.0, =4.7.1-beta.0, =9.1.3-beta.1 and more Source cves: CVE-2022-37599 Source advisory: OSV:GHSA-HHQ3-FF78-JV3G...

7.5CVSS7.1AI score0.0204EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/12 12:0 p.m.7 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +14881 more potentially affected by CVE-2022-37599 via loader-utils (>=1.0.0 <=1.4.1)

loader-utils NPM version =1.0.0, =1.0.1, =1.0.5, =0.1.0, =0.1.0, =1.0.3, =0.1.0, =0.1.2, =0.0.2, =0.3.0, =0.1.4, =0.1.6 and more Source cves: CVE-2022-37599 Source advisory: OSV:GHSA-HHQ3-FF78-JV3G...

7.5CVSS7.1AI score0.0204EPSS
Exploits0
OSV
OSV
added 2022/10/11 7:15 p.m.2 views

DEBIAN-CVE-2022-37599

A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the resourcePath variable in interpolateName.js...

7.5CVSS7.4AI score0.0204EPSS
Exploits0References1
CVE
CVE
added 2022/10/11 12:0 a.m.228 views

CVE-2022-37599

CVE-2022-37599: A ReDoS in Function interpolateName (interpolateName.js) in webpack loader-utils 2.0.0 is triggered via the resourcePath variable in interpolateName.js. The Nessus/Confluence entry explicitly ties this CVE to affected Confluence deployments using webpack loader-utils, describing a...

7.5CVSS7.2AI score0.0204EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder