11 matches found
CVE-2026-45736
ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1...
CVE-2026-45736
ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1...
UBUNTU-CVE-2026-45736
ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1...
CVE-2026-45736 ws: Uninitialized memory disclosure
ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1...
CVE-2026-45736
Summary: CVE-2026-45736 affects the ws project (WebSocket client/server for Node.js). Prior to version 8.20.1, ws.close() could disclose uninitialized memory when a TypedArray is passed as the reason argument. The issue is fixed in ws 8.20.1. Affected component: ws websocket.close() implementatio...
CVE-2026-45736
ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1...
ws 安全漏洞
WS is a Node.js WebSocket library open source under WebSockets. Versions of WS prior to 8.20.1 contained a security vulnerability, which stemmed from an initialization memory leak when TypedArray was used as a reason parameter in the websocket.close implementation...
PT-2026-41307
Name of the Vulnerable Software and Affected Versions ws versions prior to 8.20.1 Description ws is an open source WebSocket client and server for Node.js. The websocket.close function is susceptible to uninitialized memory disclosure, which occurs when a TypedArray is provided as the reason...
Atlassian Jira < 8.20.1 Improper Authorization
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.20.1. It is, therefore, affected by a vulnerability allowing authenticated but non-admin remote attackers to edit email batch configurations via an Improper Authorization...
Improper access control
Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...
Non-administrators can edit the File Replication settings - CVE-2021-41308
Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...