Lucene search
+L

132 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 6 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-semver: Regular expression denial of service CVE-2022-25883 Note that Nessus has not tested for this issue b...

7.5CVSS7AI score0.02761EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.27 views

RHEL 7 : nodejs-semver (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-semver: Regular expression denial of service CVE-2022-25883 Note that Nessus has not tested for this issue b...

7.5AI score0.02761EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 6 : nodejs-semver (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-semver: Regular expression denial of service CVE-2022-25883 Note that Nessus has not tested for this issue b...

8.7AI score0.02761EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/02/07 3:32 p.m.49 views

Moderate: Red Hat Security Advisory: Migration Toolkit for Runtimes security, bug fix and enhancement update

Migration Toolkit for Runtimes 1.2.4 release Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.6AI score0.02761EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/21 5:24 p.m.67 views

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)

Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion HCI's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described the the CVEs listed in the "Vulnerability Details" section. Vulnerabili...

9.3CVSS8.8AI score0.02761EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/28 11:0 p.m.36 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Node.js semver (CVE-2022-25883)

Summary A vulnerability in Node.js semver used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the new Range...

7.5CVSS7.3AI score0.02761EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/16 9:37 p.m.47 views

Security Bulletin: IBM Storage Fusion may be vulnerable to Injection, Regular Expression Denial of Service (ReDoS), and Arbitrary Code Execution and via use of postcss, semver, babel-traverse (CVE-2023-45133, CVE-2022-25883, CVE-2023-44270)

Summary JavaScript libraries postcss, semver, and babel-traverse are used by IBM Storage Fusion's Web Interface. Vulnerabilities in these libraries could lead to Denial of Service and Arbitrary Code Injection as described the the CVEs listed in the "Vulnerability Details" section. Vulnerability...

9.3CVSS8.8AI score0.02761EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.12 views

Ubuntu 16.04 ESM : semver vulnerability (USN-4776-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4776-1 advisory. It was discovered that semver incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service. Tenable has...

7.8CVSS7.5AI score0.06488EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/06 4:11 p.m.40 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-20859 DESCRIPTION: VMware Tanzu Spring Vault could allow a local authenticated attacker to obtain sensitive information, caused by the inserti...

9.8CVSS9.8AI score0.03465EPSS
Exploits3Affected Software1
RedHat Linux
RedHat Linux
added 2023/10/06 3:41 a.m.5 views

nodejs-semver: Regular expression denial of service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size,...

7.5CVSS6.8AI score0.02761EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.124 views

RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 9 (Important) (RHSA-2023:5486)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5486 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.8AI score0.02761EPSS
Exploits4References33
RedHat Linux
RedHat Linux
added 2023/10/05 8:23 p.m.4 views

nodejs-semver: Regular expression denial of service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size,...

7.5CVSS6.8AI score0.02761EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/10/05 8:18 p.m.5 views

nodejs-semver: Regular expression denial of service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size,...

7.5CVSS6.8AI score0.02761EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2023/10/05 12:0 a.m.79 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 7 (Important) (RHSA-2023:5484)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5484 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS6.8AI score0.02761EPSS
Exploits4References33
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.26 views

AlmaLinux 8 : nodejs:16 (ALSA-2023:5360)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5360 advisory. nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs-semver: Regular expression denial of service CVE-2022-25883 nodejs:...

9.8CVSS7.2AI score0.02761EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/26 6:24 p.m.66 views

Security Bulletin: semver-6.3.0.tgz is vulnerable to CVE-2022-25883 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses semver which is vulnerable to CVE-2022-25883. Vulnerability Details CVEID:CVE-2022-25883 DESCRIPTION: Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw in the new...

7.5CVSS7.3AI score0.02761EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2023/09/26 3:5 p.m.5 views

nodejs-semver: Regular expression denial of service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size,...

7.5CVSS6.8AI score0.02761EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/09/26 2:59 p.m.10 views

nodejs-semver: Regular expression denial of service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size,...

7.5CVSS6.8AI score0.02761EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/09/26 2:56 p.m.3 views

nodejs-semver: Regular expression denial of service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size,...

7.5CVSS6.8AI score0.02761EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/09/26 2:56 p.m.2 views

nodejs-semver: Regular expression denial of service

A Regular Expression Denial of Service ReDoS vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size,...

7.5CVSS6.8AI score0.02761EPSS
Exploits1References6
Rows per page
Query Builder