41 matches found
CVE-2026-8888
The CVE-2026-8888 entry applies to the Securly Chrome Extension (v3.0.7). It downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp() without complexity validation, enabling an on-path attacker to inject patterns that cause catastrop...
CVE-2026-8888
Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp without complexity validation. An on-path attacker can inject specific patterns to cause catastrophic backtracking, resulting in...
CVE-2026-8888 CVE-2026-8888
Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp without complexity validation. An on-path attacker can inject specific patterns to cause catastrophic backtracking, resulting in...
Security Bulletin: IBM Cloud Pak System is vulnerable to multiple vulnerabilities in IBM Java SDK.
Summary IBM Cloud Pak System is vulnerable to multiple vulnerabilities in IBM SDK. The fix removes these vulnerabilities as per IBM SDK, Java Technology Apr 2024. Vulnerability Details CVEID:CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allo...
Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects IBM WebSphere Application Server April 2023 CPU that is bundled with IBM WebSphere Application Server Patterns
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM® Java SDK...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Application Server October 2022 CPU that is bundled with IBM WebSphere Application Server Patterns
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Application Server April and July 2022 CPU that is bundled with IBM WebSphere Application Server Patterns
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates...
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server shipped in IBM WebSphere Application Server Patterns due to Expat vulnerabilities
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the Expat library affecting the IBM HTTP Server used by IBM WebSphere Application Server CVE-2022-25313, CVE-2022-25315,...
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server shipped in IBM WebSphere Application Server Patterns
Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the Expat library affecting the IBM HTTP Server used by IBM WebSphere Application Server CVE-2021-45960, CVE-2022-22822, CVE-2022-23990,...
Security Bulletin: Multiple vulnerabilities in WebSphere Application Server shipped with IBM WebSphere Application Server Patterns
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache...
Security Bulletin: A security vulnerability has been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Tivoli Business Service Manager (CVE-2021-2388, CVE-2021-2369, CVE-2021-2432)
Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details Refer to the security bulletins...
Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server bundled with IBM WebSphere Application Server Patterns
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about a security vulnerability affecting WebSphere Application Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server April 2021 CPU that is bundled with IBM WebSphere Application Server Patterns
Summary There are multiple vulnerabilities in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in April 2021. Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in...
Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server bundled with IBM WebSphere Application Server Patterns
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins...
Security Bulletin: WebSphere Application Server shipped with IBM WebSphere Application Server Patterns is vulnerable to an information exposure vulnerability (CVE-2020-4643)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed i...
Security Bulletin: WebSphere Application Server ND shipped with IBM WebSphere Application Server Patterns is vulnerable to cross-site scripting (CVE-2020-4575)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed i...
Security Bulletin: WebSphere Application Server shipped with IBM WebSphere Application Server Patterns is vulnerable to a remote code execution vulnerability (CVE-2020-4589)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed i...
Security Bulletin: Vulnerability in Apache CXF affects WebSphere Application Server shipped with IBM WebSphere Application Server Patterns (CVE-2019-17573)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletinss listed i...
Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server bundled with IBM WebSphere Application Server Patterns
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in multiple security bulletins. Vulnerability Details Refer to the security bulletinss...
Security Bulletin: WebSphere Application Server bundled with IBM WebSphere Application Server Patterns is vulnerable to Apache Commons Beanutils (CVE-2019-10086)
Summary WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletinss listed ...