Lucene search
K

13 matches found

CBLMariner
CBLMariner
added 2024/05/17 9:38 p.m.38 views

CVE-2022-39353 affecting package python-tensorboard for versions less than 2.16.2-1

CVE-2022-39353 affecting package python-tensorboard for versions less than 2.16.2-1. An upgraded version of the package is available that resolves this issue...

9.8CVSS6.5AI score0.01182EPSS
Exploits1
Ubuntu
Ubuntu
added 2023/05/24 9:57 a.m.53 views

USN-6102-1: xmldom vulnerabilities

It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause unexpected syntactic changes during XML processing. This issue only affected Ubuntu...

9.8CVSS7.1AI score0.01535EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.68 views

Ubuntu 20.04 LTS / 22.04 LTS : xmldom vulnerabilities (USN-6102-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6102-1 advisory. It was discovered that xmldom incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially...

9.8CVSS7AI score0.01535EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/01/02 12:0 a.m.25 views

Debian: Security Advisory (DLA-3260-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.01328EPSS
Exploits1References4
Debian
Debian
added 2023/01/01 5:0 p.m.33 views

[SECURITY] [DLA 3260-1] node-xmldom security update

Debian LTS Advisory DLA-3260-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin January 01, 2023 https://wiki.debian.org/LTS Package : node-xmldom Version : 0.1.27+ds-1+deb10u2 CVE ID : CVE-2021-21366 CVE-2022-39353 Debian Bug : 1024736 It was discovered that...

9.8CVSS6.7AI score0.03025EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/01 4:35 p.m.28 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to privilege escalation due to CVE-2022-39353

Summary Node.js module xmldom is used by IBM App Connect Enterprise Certified Container for parsing XML documents. IBM App Connect Enterprise Certified Container DesignerAuthoring and IntegrationServer operands may be vulnerable to privilege escalation. This bulletin provides patch information to...

9.8CVSS9.3AI score0.01182EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2022/11/14 3:56 a.m.42 views

CVE-2022-39353

A flaw was found in the xmldom package. The xmldom parses XML that is not well-formed because it contains multiple top-level elements, adding all root nodes to the childNodes collection of the Document without reporting errors or throwing. This breaks the assumption that there is only a single ro...

9.8CVSS3.7AI score0.03025EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2022/11/02 12:0 a.m.10 views

CVE-2022-39353 xmldom allows multiple root nodes in a DOM

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the childNodes collection of the Document, without reporting any error or...

9.4CVSS7.2AI score0.01182EPSS
Exploits1References3
CVE
CVE
added 2022/11/02 12:0 a.m.192 views

CVE-2022-39353

CVE-2022-39353 — The xmldom library’s DOMParser can parse XML with multiple top-level elements, adding multiple root nodes to Document.childNodes without error. This violates the single-root assumption and is the underlying issue that prompted CVE-2022-39299. Affected: xmldom (JavaScript XML DOM ...

9.8CVSS8.5AI score0.01182EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2022/11/02 12:0 a.m.45 views

CVE-2022-39353

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the childNodes collection of the Document, without reporting any error or...

9.8CVSS9.7AI score0.01182EPSS
Exploits1
OSV
OSV
added 2022/11/02 12:0 a.m.38 views

CVE-2022-39353 xmldom allows multiple root nodes in a DOM

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the childNodes collection of the Document, without reporting any error or...

9.4CVSS8.8AI score0.01182EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2022/11/01 5:29 p.m.4 views

2c2p-integration (>=0.2.0 <=0.2.2), 4help-shared (>=1.0.8 <=1.0.15) +3878 more potentially affected by CVE-2022-39353 via @xmldom/xmldom (>=0.7.0 <=0.7.6)

@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =1.0.4, =1.0.0, =2.1.0-develop-2ff6c7-mckmjkzz, =2.1.0-renovate-fdebc6-mhg3djx8 - @abcd19/st-grid =3.1.0 - @abdullahceylan/expo-cli =0.2.6 and more Source cves: CVE-2022-39353 Source advisory: OSV:GHSA-CRH6-FP67-6883...

9.8CVSS7.2AI score0.01182EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/11/01 5:29 p.m.6 views

08cms (=1.0.0), 0uth (>=1.0.5 <=1.2.1) +13070 more potentially affected by CVE-2022-39353 via xmldom (>=0.1.11 <=0.6.0)

xmldom NPM version =0.1.11, =1.0.5, =1.0.0, =1.0.0, =1.7.3, =0.1.0, =0.0.2, =0.0.1, =1.0.2, =1.0.3, =1.0.23, =1.0.1, =1.3.1 and more Source cves: CVE-2022-39353 Source advisory: OSV:GHSA-CRH6-FP67-6883...

9.8CVSS7.2AI score0.01182EPSS
Exploits1
Rows per page
Query Builder