Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2022-2898:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2898:01 advisory. python-psutil: Double free because of refcount mishandling CVE-2019-18874 python-jinja2: ReDoS vulnerability in the urlize filter CVE-2020-28493...

9.8CVSS7.7AI score0.35963EPSS
Exploits7References10
RedhatCVE
RedhatCVE
added 2021/03/30 6:27 p.m.31 views

CVE-2021-28918

A flaw was found in nodejs-netmask. Octal input data may lead to a server-side request forgery, remote file inclusion, local file inclusion, and other vulnerabilities. The highest threat from this vulnerability is to data integrity...

9.1CVSS1.6AI score0.16356EPSS
Exploits1References4
Node.js
Node.js
added 2021/03/29 9:35 p.m.61 views

netmask npm package vulnerable to octal input data

Overview netmask npm package is vulnerable to octal input data. This may lead to server-side request forgery, remote file inclusion, local file inclusion, and other vulnerabilities. Recommendation Upgrade to version 2.0.1 or later. References - GitHub Advisory - Researcher report...

6.4CVSS3.8AI score0.16356EPSS
Exploits1Affected Software1
Github Security Blog
Github Security Blog
added 2021/03/29 9:32 p.m.67 views

netmask npm package mishandles octal input data

The netmask package before 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9. This in some situations allows attackers to bypass access control that is based on IP addresses. NOTE: this issue exists because of an incomplete fix for...

5.3CVSS7.2AI score0.01682EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2021/03/29 9:32 p.m.24 views

GHSA-PCH5-WHG9-QR2R netmask npm package mishandles octal input data

The netmask package before 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9. This in some situations allows attackers to bypass access control that is based on IP addresses. NOTE: this issue exists because of an incomplete fix for...

5.3CVSS7AI score0.16356EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2021/03/28 12:0 a.m.6 views

PT-2021-17985 · Npm · Netmask

Name of the Vulnerable Software and Affected Versions: netmask npm package versions 1.0.6 and below netmask npm package versions 2.0.0 Description: The issue is related to improper input validation of octal strings in the netmask npm package, allowing unauthenticated remote attackers to perform...

9.1CVSS7AI score0.16356EPSS
Exploits1References32
Rows per page
Query Builder