Lucene search
+L

5 matches found

ibm
ibm
added 2023/05/25 10:21 a.m.32 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that run Designer flows is vulnerable to arbitrary code execution due to [CVE-2022-37614]

Summary Node.js module mockery is not used directly by IBM App Connect Enterprise Certified Container but is present in some of the images. IBM App Connect Enterprise Certified Container IntegrationServer operands that run Designer flows may be vulnerable to arbitrary code execution. This bulleti...

9.8CVSS9.8AI score0.01188EPSS
Exploits1Affected Software1
vulnersosv
vulnersosv
added 2022/10/12 7:0 p.m.5 views

@akki9194/arm-rest-test-akshay (=1.0.0), @balena/open-balena-api (>=0.27.8-add-device-online-state-manager-7ac6d12f7adc353f80d89bd0cec08544e1a09181 <=0.30.2-add-device-online-state-manager-7af860b6826194984b1d0f4de717b6b7ad1d2194) +275 more potentially affected by CVE-2022-37614 via mockery (>=1.1.2 <=2.1.0)

mockery NPM version =1.1.2, =0.27.8-add-device-online-state-manager-7ac6d12f7adc353f80d89bd0cec08544e1a09181, =10.0.0, =0.0.26, =0.0.26, =0.0.26, =0.0.26, =0.9.0, =1.0.0, =0.1.0, =1.0.0, =1.0.9 and more Source cves: CVE-2022-37614 Source advisory: OSV:GHSA-GMWP-3PWC-3J3G...

9.8CVSS7.2AI score0.01188EPSS
Exploits1
nvd
nvd
added 2022/10/12 12:15 p.m.12 views

CVE-2022-37614

Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js...

9.8CVSS0.01188EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2022/10/12 12:0 a.m.6 views

CVE-2022-37614

Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js...

9.4AI score0.01188EPSS
Exploits1References3
cve
cve
added 2022/10/12 12:0 a.m.92 views

CVE-2022-37614

CVE-2022-37614 describes a prototype pollution flaw in the Node.js module mockery.js (mfncooper mockery), exploitable via the enable function through the key variable in commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf. The vulnerability is rated with a CRITICAL CVSS v3.1 base score (9.8), with NE...

9.8CVSS9.4AI score0.01188EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder