17 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-26115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the...
RHEL 6 : grafana (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - word-wrap: ReDoS CVE-2023-26115 Note that Nessus has not tested for this issue but has instead relied on the packag...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.6 security and extras update
Red Hat OpenShift Container Platform release 4.14.6 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of...
Fedora 39 : magicmirror (2023-3a06c965b4)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3a06c965b4 advisory. Automatic update for magicmirror-2.24.0-1.fc39. Changelog Sun Jul 9 2023 Davide Cavalca - 2.24.0-1 - Update to 2.24.0; Fixes: RHBZ2184597,...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.0 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.0 security and bug fix update
The Migration Toolkit for Containers MTC 1.8.0 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Security Advisory: Network Observability 1.4.0 for OpenShift
Network Observability is an OpenShift operator that deploys a monitoring pipeline to collect and enrich network flows that are produced by the Network Observability eBPF agent. The operator provides dashboards, metrics, and keeps flows accessible in a queryable log store, Grafana Loki. When a...
Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attack and a denial of service due to Node.js modules protobuf.js, vm2 and word-wrap [CVE-2023-36665, CVE-2023-37903, CVE-2023-37466 and CVE-2023-26115]
Summary IBM App Connect Enterprise is vulnerable to a remote attack and a denial of service due to Node.js modules protobuf.js, vm2 and word-wrap CVE-2023-36665, CVE-2023-37903, CVE-2023-37466 and CVE-2023-26115. The fix includes protobuf.js =7.2.4, word-wrap =1.2.5 and vm2 has been removed from...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service due to [CVE-2023-26115]
Summary Node.js word-wrap is used internally by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in Node.js word-wrap...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.7.3 - Red Hat OpenShift security update
An update is now available for Red Hat OpenShift Logging Subsystem 5.7.3 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2023-26115
A flaw was found in the Node.js word-wrap module, where it is vulnerable to a denial of service caused by a Regular expression denial of service ReDoS issue in the result variable. By sending a specially crafted regex input, a remote attacker can cause a denial of service...
@alexktzk/cz-customizable (>=1.0.0 <=1.1.0), @algolia/coquille (>=0.0.2 <=0.0.13) +1269 more potentially affected by CVE-2023-26115 via word-wrap (>=0.1.3 <=1.2.3)
word-wrap NPM version =0.1.3, =1.0.0, =0.0.2, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.4.2, =0.0.0, =1.0.0, =0.1.0-preview, =0.1.0-preview, =6.0.0-alpha.16.20220105.1, =0.1.3, =0.1.17 and more Source cves: CVE-2023-26115 Source advisory: OSV:GHSA-J8XG-FQG3-53R7...
AZL-44184 CVE-2023-26115 affecting package js-jquery 3.5.0-4
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
CVE-2023-26115
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
CVE-2023-26115
CVE-2023-26115 affects the word-wrap package. The vulnerability is a Regular Expression Denial of Service (ReDoS) caused by an insecure regex in the result variable, affecting all versions. Public references cite a fix in word-wrap 1.2.4 (and releases tagged 1.2.4) with related discussion and a p...
CVE-2023-26115
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...
CVE-2023-26115
All versions of the package word-wrap are vulnerable to Regular Expression Denial of Service ReDoS due to the usage of an insecure regular expression within the result variable...