21 matches found
Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101575)
The version of Atlassian Confluence Server running on the remote host is affected by a denial of service vulnerability as referenced in the CONFSERVER-101575 advisory. - A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack...
Security Bulletin: IBM Storage Fusion Data Foundation is affected DOS caused by specially crafted regex or prototype pollution flaw (CVE-2022-37599, CVE-2022-37603, CVE-2022-37601)
Summary IBM Storage Fusion Data Foundation is used by IBM Storage Fusion Data Foundation. The application server takes input and crafted regex can cause the exploit to Denial of service. CVE-2022-37599, CVE-2022-37603, CVE-2022-37601. Vulnerability Details CVEID:CVE-2022-37599 DESCRIPTION:...
Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-37601 DESCRIPTION: webpack...
RHEL 8 : gjs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - angular: XSS vulnerability CVE-2021-4231 - Hawk is an HTTP authentication scheme providing mechanisms for...
RHEL 7 : loader-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A Regular...
RHEL 6 : loader-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A Regular...
Security Bulletin: IBM Storage Fusion and IBM Storage Fusion HCI may vulnerable to denial of service, spoofing attacks via dependent JavaScript libraries (CVE-2021-23440, CVE-2018-25031, CVE-2022-46175, CVE-2022-37599, CVE-2022-37603)
Summary IBM Storage Fusion and IBM Storage Fusion HCI, previously known as Spectrum Fusion and Spectrum Fusion HCI, may be affected by vulnerabilities in set-value Node.js, swagger-ui, JSON5, webpack/loader-utils. Vulnerabilities include access of resources using improper type leading to denial o...
Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes security update
Migration Toolkit for Runtimes 1.1.0 release Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Security Bulletin: Loader-utils is vulnerable to CVE-2022-37603 used in IBM Maximo Application Suite - Monitor Component
Summary IBM Maximo Application Suite - Monitor Component uses loader-utils which is vulnerable to CVE-2022-37603. Vulnerability Details CVEID:CVE-2022-37603 DESCRIPTION: webpack loader-utils is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service due to [CVE-2022-37603]
Summary Node.js module loader-utils is used by IBM App Connect Enterprise Certified Container by DesignerAuthoring operands. IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service. This bulletin provides patch information to address the...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8
New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat Data Grid 8.4.1 security update
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Migration Toolkit for Runtimes security update
An update is now available for Migration Toolkit for Runtimes v1.0.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update
Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...
@alfresco/adf-testing (=6.0.0-A.2-8258), @angular-architects/build-angular (=14.2.0-next.0) +54 more potentially affected by CVE-2022-37603 via loader-utils (>=3.0.0 <=3.2.0)
loader-utils NPM version =3.0.0, =0.9.2, =13.0.0, =1.0.0, =1.3.1, =13.0.0-rc.18, =3.9.0, =13.0.0, =0.1.0, =1.7.4, =4.7.1-beta.0, =4.7.1-beta.0, =9.1.3-beta.1 and more Source cves: CVE-2022-37603 Source advisory: OSV:GHSA-3RFM-JHWJ-7488...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +14881 more potentially affected by CVE-2022-37603 via loader-utils (>=1.0.0 <=1.4.1)
loader-utils NPM version =1.0.0, =1.0.1, =1.0.5, =0.1.0, =0.1.0, =1.0.3, =0.1.0, =0.1.2, =0.0.2, =0.3.0, =0.1.4, =0.1.6 and more Source cves: CVE-2022-37603 Source advisory: OSV:GHSA-3RFM-JHWJ-7488...
DEBIAN-CVE-2022-37603
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
CVE-2022-37603
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
CVE-2022-37603
A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js...
CVE-2022-37603
CVE-2022-37603 describes a Regular Expression Denial of Service (ReDoS) in webpack-loader-utils, specifically in Function interpolateName.js (interpolateName.js) via the url variable. The issue affects loader-utils v2.0.0 and can lead to DoS conditions in applications that process input using thi...