EUVD-2010-2284

Malware in sbrugna...

Security Bulletin: There is a vulnerability in dojo-1.17.3.js used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2021-23450, CVE-2008-6681, CVE-2010-2273)

Summary There is a vulnerability in dojo-1.17.3.js used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: All versions of package dojo are vulnerable to Prototype Pollution via the setObject function. CWE:CWE-1321: Improperly...

Security Bulletin: Vulnerability in Dojo affects IBM Integrated Analytics System[CVE-2021-23450]

Summary The Dojo package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addresed the applicable CVE CVE-2021-23450. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: All versions of package dojo are vulnerable to Prototype Pollution via the setObject functio...

CVE-2010-2272

Unspecified vulnerability in iframehistory.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors...

Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to remote code execution due to Dojo (CVE-2021-23450)

Summary Dojo is shipped with IBM Tivoli Business Manager 6.2.0 as part of its UI framework. Information about security vulnerabilities affecting Dojo has been published in a security bulletin. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute...

Security Bulletin: Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with IBM Cloud Pak System

Summary Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-46143 DESCRIPTION: Expat could allow a remote attacker to execute arbitrary code on the system,...

Security Bulletin: Dojo vulnerability in WebSphere Liberty affects SPSS Collaboration and Deployment Services (CVE-2021-23450)

Summary There is a Dojo vulnerability in WebSphere Liberty used by SPSS Collaboration and Deployment Services. This issue has been addressed. Vulnerability Details CVEID: CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype...

@agrc/helpers (>=1.0.0 <=1.0.1), @dojo/interop (>=4.0.0 <=7.0.0) +9 more potentially affected by CVE-2021-23450 via dojo (>=1.10.0 <=1.17.0-pre)

dojo NPM version =1.10.0, =1.0.0, =4.0.0, =0.0.29, =0.0.1, =1.10.0, =0.1.0, =1.10.3, =0.3.0-alpha.1, =0.0.1, =0.5.24 Source cves: CVE-2021-23450 Source advisory: SNYK:JS-DOJO-1535223...

Security Bulletin: Dojo vulnerability in WebSphere Liberty affects Collaboration and Deployment Services (CVE-2020-5258)

Summary There is a Dojo vulnerability in WebSphere Liberty used by Collaboration and Deployment Services. This issue has been addressed. Vulnerability Details CVEID: CVE-2020-5258 DESCRIPTION: Dojo dojo could allow a remote attacker to inject arbitrary code on the system, caused by a prototype...

Security Bulletin: A vulnerability in IBM WebSphere Liberty affects IBM WIoTP MessageGateway

Summary There is a Dojo vulnerability in IBM WebSphere Liberty that affects IBM WIoTP MessageGateway. Vulnerability Details CVEID: CVE-2020-5258 DESCRIPTION: Dojo dojo could allow a remote attacker to inject arbitrary code on the system, caused by a prototype pollution flaw. By injecting other...

Security Bulletin: Vulnerability in Dojo affects WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2020-5258)

Summary IBM WebSphere Application Server is shipped with IBM Security Access Manager for Enterprise Single Sign-On. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletin...

Security Bulletin: Vulnerability in WebSphere Application Server Liberty affects IBM Financial Transaction Manager for Digital Payments for RedHat OpenShift (CVE-2020-5258)

Summary Dojo vulnerability in WebSphere Application Server Liberty affects IBM Financial Transaction Manager for Digital Payments for RedHat OpenShift. Vulnerability Details CVEID: CVE-2020-5258 DESCRIPTION: Dojo dojo could allow a remote attacker to inject arbitrary code on the system, caused by...

@hpcc-js/dgrid-shim (>=0.0.29 <=0.0.32), dijit (>=1.12.1 <=1.12.11) +1 more potentially affected by CVE-2020-5258 via dojo (>=1.12.1 <=1.12.7)

dojo NPM version =1.12.1, =0.0.29, =1.12.1, =1.12.1, =1.12.11 Source cves: CVE-2020-5258 Source advisory: OSV:GHSA-JXFH-8WGV-VFR2...

dijit (>=1.10.0 <=1.11.1), dojo-node (=4.1.0) +2 more potentially affected by CVE-2020-5258 via dojo (>=1.10.0 <=1.11.1)

dojo NPM version =1.10.0, =1.10.0, =1.10.3, =0.3.0-alpha.1, =0.3.0-alpha.32 Source cves: CVE-2020-5258 Source advisory: OSV:GHSA-JXFH-8WGV-VFR2...

dijit (>=1.16.0 <=1.16.1), dojox (>=1.16.0 <=1.16.1) potentially affected by CVE-2020-5258 via dojo (>=1.16.0 <=1.16.1)

dojo NPM version =1.16.0, =1.16.0, =1.16.0, =1.16.1 Source cves: CVE-2020-5258 Source advisory: OSV:GHSA-JXFH-8WGV-VFR2...

dijit (>=1.10.0 <=1.10.1) potentially affected by CVE-2010-2273 via dojo (>=1.10.0 <=1.10.1)

dojo NPM version =1.10.0, =1.10.0, =1.10.1 Source cves: CVE-2010-2273 Source advisory: OSV:GHSA-536Q-8GXX-M782...

@hpcc-js/dgrid-shim (>=0.0.29 <=0.0.32), dijit (>=1.12.1 <=1.12.11) +1 more potentially affected by CVE-2010-2273 via dojo (>=1.12.1 <=1.12.3)

dojo NPM version =1.12.1, =0.0.29, =1.12.1, =1.12.1, =1.12.11 Source cves: CVE-2010-2273 Source advisory: OSV:GHSA-536Q-8GXX-M782...