52 matches found
SUSE CVE-2015-8970
crypto/algifskcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AFALG socket before an accept system call is processed, which allows local users to cause a denial of service NULL pointer dereference and system crash via a crafted applicatio...
SUSE CVE-2017-9211
The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service NULL pointer dereference via a crafted application...
SUSE CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
IBM App Connect Enterprise 资源管理错误漏洞
IBM Integration Bus IBM WebSphere Message Broker and IBM App Connect Enterprise are both products of IBM Corporation, USA.IBM Integration Bus is an Enterprise Service Bus ESB product that provides connectivity and common data transformation for Service Oriented Architecture SOA environments and...
OESA-2022-1665 nodejs-minimist security update
This module is the guts of optimist's argument parser without all the fanciful decoration. Security Fixes: Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95.CVE-2021-44906...
Prototype Pollution in minimist
Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
GHSA-XVCH-5GV4-984H Prototype Pollution in minimist
Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
Minimist has an unspecified vulnerability
minimist is a command-line parameter parsing tool. minimist suffers from a security vulnerability that stems from vulnerability to prototype contamination via the file index.js, function setKey. No details of the vulnerability are currently available...
DEBIAN-CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
AZL-44583 CVE-2021-44906 affecting package js-jquery 3.5.0-4
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
UBUNTU-CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
CVE-2021-44906
CVE-2021-44906 affects the minimist library, with versions listed as ≤ 1.2.5. The vulnerability is described as a Prototype Pollution issue via the file index.js, function setKey() (lines 69-95). The connected documents confirm this issue across multiple sources (e.g., Astra Linux advisory, CIRCL...
minimist 安全漏洞
minimist is a command-line parameter parsing tool. minimist suffers from a security vulnerability that stems from vulnerability to prototype contamination via the file index.js, function setKey. No details of the vulnerability are currently available...
PT-2020-6963
Name of the Vulnerable Software and Affected Versions Minimist versions 0.2.4 and earlier, 1.2.5 and earlier Description The issue is related to a Prototype Pollution vulnerability via the file index.js, specifically the setKey function. This vulnerability can be exploited if an attacker has...
kernel: crypto: GPF in lrw_crypt caused by null-deref
The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...
kernel: crypto: GPF in lrw_crypt caused by null-deref
The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...
kernel: crypto: GPF in lrw_crypt caused by null-deref
The lrwcrypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept2 system call for AFALG socket without calling setkey first to set a cipher key...