Lucene search
+L

47 matches found

Atlassian
Atlassian
added 2025/11/13 11:27 p.m.16 views

Open Redirect Third-Party Dependency in Bitbucket Data Center and Server - CVE-2023-26159

This High severity vulnerability known as CVE-2023-26159 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.3 and a CV...

7.3CVSS6.8AI score0.00797EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2023-26159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse functio...

7.3CVSS6.5AI score0.00797EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/26 6:52 p.m.9 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in follow-redirects

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of follow-redirects Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage of credentials whe...

7.3CVSS6.8AI score0.01044EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/20 3:23 p.m.33 views

Security Bulletin: IBM QRadar Pre-Validation App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that might be identified and exploited with automated tools. IBM has addressed the vulnerabilities. This product is only used by IBM QRadar SIEM app developers and external business partners and is not relevant for users...

7.5CVSS9.7AI score0.58768EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/23 7:36 a.m.16 views

Security Bulletin: IBM Event Streams is vulnerable to phishing attack due to the follow-redirects component (CVE-2023-26159).

Summary IBM Event Streams is vulnerable to phishing attack due to the follow-redirects component. In event streams, following redirects ensures uninterrupted data flow by automatically directing clients to new endpoints if the original one changes. It also aids in load balancing and failover...

7.3CVSS6.6AI score0.00797EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/25 9:4 a.m.29 views

Security Bulletin: IBM Event Streams is vulnerable to a denial of service attack and Phishing attacks due to the follow-redirect and k8s.io/apiMAChinery component (CVE-2023-26159,CVE-2023-44487).

Summary IBM Event Streams is vulnerable to a denial of service attack and Phishing attacks due to the follow-redirect and k8s.io/apiMAChinery component. The follow-redirect library is employed in event streams to seamlessly manage HTTP redirects, ensuring smooth navigation between resources witho...

7.5CVSS7.9AI score0.99999EPSS
Exploits20Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/24 2:8 p.m.38 views

Security Bulletin: IBM Watson AI Gateway for IBM Cloud Pak for Data is vulnerable to follow-redirects open redirect vulnerabilitiy [ CVE-2023-26159]

Summary Potentialfollow-redirects open redirect vulnerabilitiy CVE-2023-26159 have been identified that may affect IBM Watson AI Gateway for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-26159...

7.3CVSS6.8AI score0.00797EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.29 views

RHEL 6 : follow-redirects (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse CVE-2023-26159 No...

7.3CVSS7.3AI score0.00797EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/05/23 6:29 a.m.36 views

Important: Red Hat Security Advisory: OpenShift Virtualization 4.15.2 Images security update

Red Hat OpenShift Virtualization release 4.15.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...

7.5CVSS7AI score0.91969EPSS
Exploits3References20
CBLMariner
CBLMariner
added 2024/05/17 9:38 p.m.19 views

CVE-2023-26159 affecting package python-tensorboard for versions less than 2.16.2-1

CVE-2023-26159 affecting package python-tensorboard for versions less than 2.16.2-1. An upgraded version of the package is available that resolves this issue...

7.3CVSS6.5AI score0.00797EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/16 8:23 p.m.43 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information CVE-2024-28849,...

9.8CVSS10AI score0.08515EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/11 4:55 p.m.24 views

Security Bulletin: IBM Storage Fusion is vulnerable to phishing attacks due to follow-redirects package.

Summary follow-redirects is used by IBM Storage Fusion as part of the Installer and may be vulnerable to the CVE listed below. CVE-2023-26159. Vulnerability Details CVEID:CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote attacker to conduct phishing attacks, caused by an open...

7.3CVSS6.5AI score0.00797EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/11 4:54 p.m.33 views

Security Bulletin: IBM Storage Fusion HCI is vulnerable to phishing attacks and cross-site request forgery due to follow-redirects and Axios.

Summary follow-redirects and Axios are used by IBM Storage Fusion HCI as part of the Installer and may be vulnerable to the CVE listed below. CVE-2023-26159, CVE-2023-45857. Vulnerability Details CVEID:CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote attacker to conduct phishing...

7.3CVSS6.8AI score0.00797EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/08 5:21 p.m.32 views

Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server

Summary IBM MQ is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM MQ have been published in a security bulletin CVE-2023-26159, CVE-2024-25015, CVE-2024-25048, CVE-2024-20952, CVE-2023-33850, CVE-2023-6237, CVE-2024-0727 Vulnerability Details Ref...

7.5CVSS7.7AI score0.03174EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.44 views

IBM MQ 9.2 <= 9.2.0.25 / 9.3 < 9.3.5 CD / 9.3 <= 9.3.0.17 (7123135)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7123135 advisory. - Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse function. When n...

7.3CVSS6.7AI score0.00797EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/26 2:1 p.m.40 views

Security Bulletin: IBM MQ is vulnerable to an issue in follow-redirects due to open redirect (CVE-2023-26159)

Summary IBM MQ has addressed an issue in follow-redirects. Follow-redirects is used by IBM MQ as part of the MQ Console. Vulnerability Details CVEID:CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An...

7.3CVSS6.6AI score0.00797EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/25 5:23 a.m.26 views

Security Bulletin: IBM Event Processing is vulnerable to conduct phishing attacks, caused by an open redirect vulnerability (CVE-2023-26159).

Summary There is a vulnerability in follow-redirects used by IBM Event Processing which is categorized as an Improper Input Validation vulnerability due to the improper handling of URLs by the url.parse function. This vulnerability can be exploited by manipulating the hostname when new URL throws...

7.3CVSS6.5AI score0.00797EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2024/04/22 12:47 p.m.27 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.1 security update

Red Hat OpenShift Service Mesh Containers for 2.5.1 This update has a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift...

7.5CVSS6.7AI score0.01956EPSS
Exploits2References16
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/09 6:54 p.m.33 views

Security Bulletin: IBM QRadar Deployment Intelligence app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Deployment Intelligence app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-46234 DESCRIPTION: browserify...

7.5CVSS7.2AI score0.00797EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/13 6:31 a.m.15 views

Security Bulletin: IBM Maximo Application Suite uses follow-redirects-1.15.2.tgz which is vulnerable to CVE-2023-26159

Summary IBM Maximo Application Suite uses follow-redirects-1.15.2.tgz which is vulnerable to CVE-2023-26159. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote attacker to...

7.3CVSS6.5AI score0.00797EPSS
Exploits1Affected Software1
Rows per page
Query Builder