Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring and IntegrationServer operands may be vulnerable to arbitrary code execution due to [CVE-2020-36604]

Summary Node.js module hoek is used by IBM App Connect Enterprise Certified Container Designer connectors. IBM App Connect Enterprise Certified Container DesignerAuthoring and IntegrationServer operands that execute Designer flows may be vulnerable to arbitrary code execution. This bulletin...

CVE-2018-3728

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...

DEBIAN-CVE-2018-3728

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...

CVE-2018-3728

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...

CVE-2018-3728

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...