Lucene search
K

17 matches found

OSV
OSV
added 2026/06/04 6:9 p.m.10 views

ROOT-APP-NPM-CVE-2023-45133 CVE-2023-45133 in @rootio/babel-traverse - Patched by Root

Root has patched CVE-2023-45133 in the @rootio/babel-traverse package for Root:npm. Multiple fixed versions available...

9.3CVSS6.8AI score0.0052EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/19 11:3 a.m.35 views

Security Bulletin: IBM Maximo Application Suite uses traverse-7.20.13.tgz which is vulnerable to CVE-2023-45133

Summary IBM Maximo Application Suite uses traverse-7.20.13.tgz which is vulnerable to CVE-2023-45133. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute arbitrary cod...

9.3CVSS8.8AI score0.0052EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/14 6:50 p.m.39 views

Security Bulletin: IBM QRadar Use Case Manager app is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. The update addresses these issues. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper...

9.3CVSS8.3AI score0.02761EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/17 7:18 a.m.54 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for December 2023.

Summary Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF028 and 23.0.1-IF006. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By...

9.8CVSS10AI score0.99999EPSS
Exploits20Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/15 11:31 a.m.40 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to arbitrary code execution due to Babel.

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to arbitrary code execution due to Babel CVE-2023-45133. Vulnerability Details CVEID:CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute arbitrary code on the system, caused by a...

9.3CVSS9AI score0.0052EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 5:24 p.m.67 views

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)

Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion HCI's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described the the CVEs listed in the "Vulnerability Details" section. Vulnerabili...

9.3CVSS8.8AI score0.02761EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/20 4:10 p.m.75 views

Security Bulletin: Netcool Operations Insights 1.6.11 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.11 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-34453 DESCRIPTION: snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially...

9.8CVSS9.4AI score0.99615EPSS
Exploits30Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/05 11:32 a.m.22 views

Security Bulletin: IBM QRadar User Behavior Analytics uses components with known vulnerabilities (CVE-2023-44270, CVE-2023-45133)

Summary IBM QRadar User Behavior Analytics contains vulnerable packages/components that may be identified and potentially exploited. The packages have been updated in the latest release and the vulnerabilities identified in the CVEs have been addressed. Please follow the instructions in the...

9.3CVSS8.3AI score0.00822EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 7:13 p.m.36 views

Security Bulletin: Babel-traverse is vulnerable to CVE-2023-45133 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses babel-traverse which is vulnerable to CVE-2023-45133. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute...

9.3CVSS8.9AI score0.0052EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 2:48 p.m.36 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Babel

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Babel. Vulnerability Details CVEID: CVE-2023-45133 DESCRIPTION: Babel could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the path.evaluateor path.evaluateTruth...

9.3CVSS7.1AI score0.0052EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/16 9:37 p.m.46 views

Security Bulletin: IBM Storage Fusion may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)

Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described the the CVEs listed in the "Vulnerability Details" section. Vulnerability...

9.3CVSS8.8AI score0.02761EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2023/10/20 12:0 a.m.25 views

Debian: Security Advisory (DLA-3618-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.7AI score0.0052EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/10/17 12:0 a.m.51 views

Debian DSA-5528-1 : node-babel7 - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5528 advisory. - Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile...

9.3CVSS8.3AI score0.0052EPSS
Exploits0References7
Debian
Debian
added 2023/10/16 5:14 p.m.47 views

[SECURITY] [DSA 5528-1] node-babel7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5528-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 16, 2023 https://www.debian.org/security/faq -...

9.3CVSS7.2AI score0.0052EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/10/16 1:55 p.m.6 views

1st (>=0.1.0 <=0.1.45), 4paradigm_robot_service (>=0.0.1 <=0.0.16) +6380 more potentially affected by CVE-2023-45133 via @babel/traverse (>=7.0.0-beta.31 <=7.23.0)

@babel/traverse NPM version =7.0.0-beta.31, =0.1.0, =0.0.1, =0.0.0, =0.0.2, =0.0.1, =0.6.0, =0.0.1, =0.0.2, =0.0.0-manual.7283bbad, =0.28.1, =0.37.0-beta-5 - @accio-cms/server =0.0.6 - @acentswap/ace-sdk =10.4.0 and more Source cves: CVE-2023-45133 Source advisory: OSV:GHSA-67HX-6X53-JW92...

9.3CVSS6.7AI score0.0052EPSS
Exploits0
Circl
Circl
added 2023/10/12 8:23 p.m.31 views

CVE-2023-45133

creationtimestamp| type| source ---|---|--- 2023-10-12 20:23:32+00:00| seen| https://t.me/cibsecurity/72192 2025-05-10 05:05:40+00:00| seen| https://gist.github.com/aestzio/801a375fd28fbecaaa4809ec962909c7 2025-11-13 11:00:00+00:00| seen|...

9.3CVSS6.3AI score0.0052EPSS
Exploits0References3
CVE
CVE
added 2023/10/12 4:17 p.m.399 views

CVE-2023-45133

CVE-2023-45133 affects Babel’s traversal layer. The issue allows arbitrary code execution during compilation when compiling code crafted by an attacker via plugins that rely on path.evaluate() or path.evaluateTruthy(). Affected in: @babel/traverse prior to 7.23.2 and 8.0.0-alpha.4, and all versio...

9.3CVSS9.1AI score0.0052EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder