4 matches found
Security Bulletin: Vulnerability in Lodash affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in Lodash has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
GHSA-F23M-R3PF-42RH lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`
Impact Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465 only guards against string key members, so an attacker can bypass the check by passing array-wrapped path segments. This allows deletion of properties fro...
CVE-2026-2950
Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions. The fix for CVE-2025-13465: https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg only guards against string key members, so an attacker can bypass the check by...
Important: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: prototype pollution in .unset and .omit functions CVE-2025-13465 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...