Lucene search
K

17 matches found

OSV
OSV
added 2026/06/04 8:56 p.m.5 views

ROOT-APP-NPM-CVE-2024-53382 CVE-2024-53382 in @rootio/prismjs - Patched by Root

Root has patched CVE-2024-53382 in the @rootio/prismjs package for Root:npm. Multiple fixed versions available...

4.9CVSS8.2AI score0.00301EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/09 4:3 p.m.4 views

Security Bulletin: Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering which affects IBM watsonx.data

Summary Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript, because document.currentScript lookup can be shadowed by attacker-injected HTML elements. These can affect watsonx.data. Vulnerability...

5.4CVSS5.9AI score0.00301EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/07 7:57 p.m.7 views

Security Bulletin: IBM Storage Ceph is vulnerable to Code Injection in Grafana (CVE-2024-53382)

Summary Grafana is used by IBM Storage Ceph as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-53382 Vulnerability Details CVEID:CVE-2024-53382 DESCRIPTION: Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS...

5.4CVSS6AI score0.00301EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/26 5:48 a.m.7 views

Security Bulletin: There is a vulnerability in prism-1.28.0.jsused by IBM Maximo Asset Management application ( CVE-2024-53382)

Summary There is a vulnerability in prism-1.28.0.js used by IBM Maximo Asset Management application CVE-2024-53382 Vulnerability Details CVEID:CVE-2024-53382 DESCRIPTION: Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not...

5.4CVSS5.8AI score0.00301EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/25 8:0 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses jinja2-3.1.5-py3-none-any.whl and prismjs-1.29.0.tgz which is vulnerable to CVE-2025-27516 and CVE-2024-53382 This bulletin contains information regarding the vulnerability and its fixture.

Summary IBM Maximo Application Suite uses jinja2-3.1.5-py3-none-any.whl and prismjs-1.29.0.tgz which is vulnerable to CVE-2025-27516 and CVE-2024-53382 This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is ...

8.8CVSS6.5AI score0.00476EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/24 10:52 a.m.5 views

Security Bulletin: IBM watsonx Code Assistant IDE Extensions affected by prismjs Cross-Site Scripting vulnerability

Summary prismjs library is used by IBM watsonx Code Assistant IDE Extensions. CVE-2024-53382. This bulletin outlines the necessary steps to address and remediate the vulnerability. Vulnerability Details CVEID:CVE-2024-53382 DESCRIPTION: Prism aka PrismJS through 1.29.0 allows DOM Clobbering with...

5.4CVSS9.2AI score0.00301EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/11 1:20 p.m.16 views

Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities

Summary IBM Security QRadar EDR Software includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-53382 DESCRIPTION: Prism aka PrismJS through 1.29.0 allows D...

9.1CVSS9.6AI score0.02186EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/30 1:2 p.m.12 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability [CVE-2024-53382]

Summary IBM Security SOAR uses an older version of prismjs that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended customers upgrade to the latest applicable fix pack 51.0.6.0 . Vulnerability Details CVEID:CVE-2024-53382...

5.4CVSS6.2AI score0.00301EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 12:32 p.m.8 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses prismjs-1.29.0.tgz which is vulnerable to CVE-2024-53382.

Summary IBM Maximo Application Suite - Manage Component uses prismjs-1.29.0.tgz which is vulnerable to CVE-2024-53382. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-53382 DESCRIPTION: Prism aka PrismJS through 1.29.0 allows DO...

5.4CVSS5.7AI score0.00301EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2024-53382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript, becau...

5.4CVSS6.7AI score0.00301EPSS
Exploits1References4
Circl
Circl
added 2025/03/03 7:29 a.m.13 views

CVE-2024-53382

creationtimestamp| type| source ---|---|--- 2025-03-03 07:29:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6153 2025-03-03 08:49:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljhky5cavi26 2025-03-03 09:41:01+00:00| seen| https://t.me/cvedetector/19...

5.4CVSS5.6AI score0.00301EPSS
Exploits1References3
NVD
NVD
added 2025/03/03 7:15 a.m.12 views

CVE-2024-53382

Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript, because document.currentScript lookup can be shadowed by attacker-injected HTML elements...

5.4CVSS0.00301EPSS
Exploits1References2
CVE
CVE
added 2025/03/03 12:0 a.m.141 views

CVE-2024-53382

PrismJS (Prism) 1.29.0 and earlier is vulnerable to DOM clobbering that can lead to XSS when untrusted HTML containing markup is processed, because document.currentScript can be shadowed by attacker-injected HTML elements. IBM security notes tie CVE-2024-53382 to PrismJS and document the affected...

5.4CVSS6.1AI score0.00301EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/03 12:0 a.m.8 views

CVE-2024-53382

Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript, because document.currentScript lookup can be shadowed by attacker-injected HTML elements...

4.9CVSS5AI score0.00301EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/03 12:0 a.m.14 views

CVE-2024-53382

Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript, because document.currentScript lookup can be shadowed by attacker-injected HTML elements...

4.9CVSS0.00301EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/03/03 12:0 a.m.10 views

CVE-2024-53382

Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript, because document.currentScript lookup can be shadowed by attacker-injected HTML elements...

5.4CVSS6.7AI score0.00301EPSS
Exploits1References1
OSV
OSV
added 2025/03/03 12:0 a.m.8 views

CVE-2024-53382

Prism aka PrismJS through 1.29.0 allows DOM Clobbering with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript, because document.currentScript lookup can be shadowed by attacker-injected HTML elements...

4.9CVSS4.8AI score0.00301EPSS
Exploits1References4
Rows per page
Query Builder