Lucene search
+L

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2024-21501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowi...

5.3CVSS6.7AI score0.01018EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/03 11:31 a.m.53 views

Security Bulletin: Information disclosure vulnerabilities affect IBM Business Automation Workflow - CVE-2024-28849, CVE-2024-21501

Summary IBM Business Automation Workflow Web Process Designer is vulnerable to information disclosure attacks. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the leakage...

6.5CVSS6.1AI score0.01044EPSS
Exploits2Affected Software2
Tenable Nessus
Tenable Nessus
added 2024/06/02 12:0 a.m.29 views

Fedora 39 : glances (2024-af1f06c79c)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-af1f06c79c advisory. Security fix for CVE-2024-21501 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

5.3CVSS6.7AI score0.01018EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2024/04/16 2:52 p.m.57 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.9 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.9 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

7.5CVSS7.1AI score0.99999EPSS
Exploits21References24
RedhatCVE
RedhatCVE
added 2024/02/26 6:31 p.m.28 views

CVE-2024-21501

An information exposure flaw was found in the sanitize-html package, when used on the backend with the style attribute allowed. This issue may allow an attacker to enumerate files in the system, including project dependencies, to gather details about the file system structure and dependencies of...

5.3CVSS5.1AI score0.01018EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2024/02/24 6:30 a.m.5 views

08cms (=1.0.0), 10secondsofcode-custom (=1.0.0) +3314 more potentially affected by CVE-2024-21501 via sanitize-html (>=0.1.4 <=2.12.0)

sanitize-html NPM version =0.1.4, =1.0.0, =1.0.0, =1.0.0, =0.6.0, =0.1.0, =0.1.0, =11.1.0, =1.0.0, =1.0.1, =0.2.0, =0.1.0, =0.19.1-rc.2, =0.19.1-rc.4 and more Source cves: CVE-2024-21501 Source advisory: OSV:GHSA-RM97-X556-Q36H...

5.3CVSS6.5AI score0.01018EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2024/02/24 5:15 a.m.31 views

CVE-2024-21501

Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...

5.3CVSS6.8AI score0.01018EPSS
Exploits1References8
CVE
CVE
added 2024/02/24 5:0 a.m.288 views

CVE-2024-21501

CVE-2024-21501 – sanitize-html information exposure : The sanitize-html package (pre-2.12.1) on the backend with the style attribute enabled can disclose sensitive filesystem and dependency details by enumerating files. Affected: sanitize-html versions before 2.12.1. Impact is information disclos...

5.3CVSS5AI score0.01018EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2024/02/24 5:0 a.m.41 views

CVE-2024-21501

Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...

5.3CVSS5.3AI score0.01018EPSS
Exploits1References8
Rows per page
Query Builder