Security Bulletin: IBM App Connect Enterprise is vulnerable to Incomplete Filtering of One or More Instances of Special Elements due to node module validator (CVE-2025-12758)

Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to Incomplete Filtering of One or More Instances of Special Elements due to node module validator. Vulnerability Details...

EUVD-2017-0303

Malware in sbrugna...

EUVD-2017-0166

Malware in sbrugna...

EUVD-2017-0291

Malware in sbrugna...

CVE-2024-50343 Incorrect response from Validator when input ends with `\n` in symfony/validator

symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a Validator configured with a regular expression using the $ metacharacters, with an input ending with \n. Symfony as of versions 5.4.43, 6.4.11, and 7.1.4 now uses the D...

PT-2024-34153 · Symfony +5 · Symfony/Validator +5

Name of the Vulnerable Software and Affected Versions: symfony/validator versions 5.4.43, 6.4.11, and 7.1.4 Description: The symfony/validator module in the Symphony PHP framework is vulnerable to a regex bypass issue. It is possible to trick a Validator configured with a regular expression using...

SUSE CVE-2013-7454

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via nested forbidden strings...

SUSE CVE-2013-7453

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via vectors related to UI redressing...

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to regular expression denial of service due to a vulnerability in the Node.js validator module

Summary IBM App Connect Enterprise Certified Container may be vulnerable to a regular expression denial of service attack when parsing an Open API/Swagger document, due to a vulnerability in the Node.js validator module Vulnerability Details Third Party Entry: 207314 DESCRIPTION: Node.js validato...

Moderate severity vulnerability that affects validator

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...

GHSA-QPJP-7RP2-9C3F Moderate severity vulnerability that affects validator

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag...

Moderate severity vulnerability that affects validator

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag...

Moderate severity vulnerability that affects validator

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via vectors related to UI redressing...

GHSA-RH6C-Q938-3R9Q Moderate severity vulnerability that affects validator

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...

Cross site scripting

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via nested forbidden strings...

CVE-2013-7453

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via vectors related to UI redressing...

CVE-2013-7453

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via vectors related to UI redressing...

CVE-2013-7451

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag...

CVE-2013-7452

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...

UBUNTU-CVE-2013-7452

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...