5 matches found
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that run Designer flows is vulnerable to arbitrary code execution due to [CVE-2022-37614]
Summary Node.js module mockery is not used directly by IBM App Connect Enterprise Certified Container but is present in some of the images. IBM App Connect Enterprise Certified Container IntegrationServer operands that run Designer flows may be vulnerable to arbitrary code execution. This bulleti...
@akki9194/arm-rest-test-akshay (=1.0.0), @balena/open-balena-api (>=0.27.8-add-device-online-state-manager-7ac6d12f7adc353f80d89bd0cec08544e1a09181 <=0.30.2-add-device-online-state-manager-7af860b6826194984b1d0f4de717b6b7ad1d2194) +275 more potentially affected by CVE-2022-37614 via mockery (>=1.1.2 <=2.1.0)
mockery NPM version =1.1.2, =0.27.8-add-device-online-state-manager-7ac6d12f7adc353f80d89bd0cec08544e1a09181, =10.0.0, =0.0.26, =0.0.26, =0.0.26, =0.0.26, =0.9.0, =1.0.0, =0.1.0, =1.0.0, =1.0.9 and more Source cves: CVE-2022-37614 Source advisory: OSV:GHSA-GMWP-3PWC-3J3G...
CVE-2022-37614
Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js...
CVE-2022-37614
Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js...
CVE-2022-37614
CVE-2022-37614 describes a prototype pollution flaw in the Node.js module mockery.js (mfncooper mockery), exploitable via the enable function through the key variable in commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf. The vulnerability is rated with a CRITICAL CVSS v3.1 base score (9.8), with NE...