Lucene search
+L

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:20 p.m.3 views

Security Bulletin: Vulnerability in Lodash affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Lodash has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

8.2CVSS6.5AI score0.01535EPSS
Exploits0Affected Software2
OSV
OSV
added 2026/04/01 11:50 p.m.6 views

GHSA-F23M-R3PF-42RH lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`

Impact Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465 only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties fro...

6.5CVSS5.9AI score0.01535EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/03/31 7:18 p.m.7 views

CVE-2026-2950

Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg only guards against string key members, so an attacker can bypass the check by...

6.5CVSS5.3AI score0.00317EPSS
Exploits0
AlmaLinux
AlmaLinux
added 2026/02/10 12:0 a.m.8 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: prototype pollution in .unset and .omit functions CVE-2025-13465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...

8.2CVSS5.6AI score0.01535EPSS
Exploits0References4
Rows per page
Query Builder