Lucene search
K

24 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/25 12:4 p.m.5 views

Security Bulletin: A vulnerability in the cookie package affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary A vulnerability in the cookie package affect IBM® Db2® Big SQL 7 on IBM Cloud Pak for Data 4 and 5. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie...

6.9CVSS5.9AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/10 8:52 a.m.5 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in cookie-0.4.1.tgz

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of cookie-0.4.1.tgz Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in a...

6.9CVSS6.6AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/27 11:2 a.m.6 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses cookie-0.4.1.tgz which is vulnerable to CVE-2024-47764

Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses cookie-0.4.1.tgz which is vulnerable to CVE-2024-47764. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: cookie is a basic HTTP...

6.9CVSS6.5AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/09 4:36 a.m.12 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to injection due to cookie package ( CVE-2024-47764 )

Summary Potential vulnerabilities in cookie package CVE-2024-47764 has been identified that may affect IBM Cloud Pak for Data. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other...

6.9CVSS6.8AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 3:57 a.m.23 views

Security Bulletin: IBM QRadar Data Synchronization App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM QRadar Data Synchronization App for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: jshttp cooki...

8.6CVSS9.6AI score0.02209EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/28 5:38 p.m.35 views

Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data

Summary IBM has released the below fix for IBM Db2® on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details...

8.7CVSS10AI score0.25939EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/06 1:33 p.m.18 views

Security Bulletin: QRadar Pulse application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities (CVE-2024-52798, CVE-2024-47764)

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has released a new version which addresses the vulnerabilities. Vulnerability Details CVEID:CVE-2024-52798 DESCRIPTION: path-to-regexp turns path strings int...

8.7CVSS7AI score0.00792EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-47764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpecte...

6.9CVSS6.2AI score0.00744EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/10 12:58 p.m.16 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to cookie-0.5.0.tgz CVE-2024-47764

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to cookie-0.5.0.tgz CVE-2024-47764. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: jshttp cookie could allow a remote attacker to bypass...

6.9CVSS6AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/10 12:58 p.m.14 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to cookie-0.4.0.tgz CVE-2024-47764

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to cookie-0.4.0.tgz CVE-2024-47764. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: jshttp cookie could allow a remote attacker to bypass...

6.9CVSS6.1AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 9:48 a.m.31 views

Security Bulletin: IBM Maximo Application Suite uses werkzeug-3.0.4-py3-none-any.whl, cookie-0.4.1.tgz and cross-spawn-7.0.3.tgz which is vulnerable to CVE-2024-49767, CVE-2024-49766, CVE-2024-47764 and CVE-2024-21538

Summary IBM Maximo Application Suite uses werkzeug-3.0.4-py3-none-any.whl, cookie-0.4.1.tgz and cross-spawn-7.0.3.tgz which is vulnerable to CVE-2024-49767, CVE-2024-49766, CVE-2024-47764 and CVE-2024-21538. This bulletin contains information regarding the vulnerability and its fixture...

8.7CVSS6.8AI score0.01102EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/30 2:53 p.m.13 views

Security Bulletin: Vulnerability in jshttp cookie affects watsonx.data

Summary jshttp cookie could allow a remote attacker to bypass security restrictions, and this could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: jshttp cookie could allow a remote attacker to bypass security restrictions, caused by improper input validation by the...

6.9CVSS8.6AI score0.00744EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.32 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to jsonpath-plus (CVE-2024-21534) and cookie (CVE-2024-47764)

Summary IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to jsonpath-plus CVE-2024-21534 and cookie CVE-2024-47764. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2024-21534 DESCRIPTION: Versions of the package...

9.8CVSS7.6AI score0.09076EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.25 views

Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a remote attacker (CVE-2024-48948)

Summary There is a vulnerability in elliptic used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-47764 DESCRIPTION: jshttp cookie could allow a remote attacker to...

6.9CVSS6.8AI score0.00744EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 9:51 p.m.12 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to bypassing security restrictions [CVE-2024-47764]

Summary Node.js module cookie is used by IBM App Connect Enterprise Certified Container for parsing HTTP cookies. IBM App Connect Enterprise Certified Container operands are vulnerable to security restrictions bypass. This bulletin provides patch information to address the reported vulnerability ...

6.9CVSS6.8AI score0.00744EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/17 12:0 a.m.27 views

CBL Mariner 2.0 Security Update: reaper (CVE-2024-47764)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47764 advisory. - cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set...

6.9CVSS6.7AI score0.00744EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/10/15 11:32 p.m.17 views

CVE-2024-47764 affecting package reaper for versions less than 3.1.1-13

CVE-2024-47764 affecting package reaper for versions less than 3.1.1-13. A patched version of the package is available...

6.9CVSS6.4AI score0.00744EPSS
Exploits0
Circl
Circl
added 2024/10/04 10:43 p.m.14 views

CVE-2024-47764

creationtimestamp| type| source ---|---|--- 2024-10-04 22:43:39+00:00| seen| https://t.me/cvedetector/7021 2025-02-01 06:22:08+00:00| seen| https://gist.github.com/ton77v/932a3f8b5d57d2625b31328796a3cf30 2025-06-23 12:01:38+00:00| seen|...

6.9CVSS6.7AI score0.00744EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/10/04 8:54 p.m.36 views

CVE-2024-47764

A flaw was found in the Cookie Node.js module, a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter oth...

3.7CVSS6.2AI score0.00744EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2024/10/04 8:31 p.m.6 views

-temp-electron-manager-somiibo (=0.0.200), 0.edsql (>=1.0.49 <=1.0.50) +49157 more potentially affected by CVE-2024-47764 via cookie (>=0.0.2 <=0.6.0)

cookie NPM version =0.0.2, =1.0.49, =1.0.51, =1.0.0, =1.0.0, =0.0.1, =1.0.3, =1.0.1, =1.0.5 - 192.168.0.172 =4.6.1 and more Source cves: CVE-2024-47764 Source advisory: OSV:GHSA-PXG6-PF52-XH8X...

6.9CVSS6.6AI score0.00744EPSS
Exploits0
Rows per page
Query Builder