18 matches found
ROOT-APP-NPM-CVE-2025-13465 CVE-2025-13465 in @rootio/lodash - Patched by Root
Root has patched CVE-2025-13465 in the @rootio/lodash package for Root:npm. Multiple fixed versions available...
Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in Lodash and Lodash-es (CVE-2025-13465)
Summary A prototype pollution vulnerability in the Lodash and Lodash-es libraries CVE-2025-13465 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading to version 4.18.0. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are...
redux-queue-offline (=0.4.1) potentially affected by CVE-2025-13465 +1 more via lodash.unset (=4.0.2)
lodash.unset NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on lodash.unset and may be impacted: - redux-queue-offline =0.4.1 Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JS-LODASHUNSET-15869620...
@dojo/cli-test-intern (>=0.1.0 <=2.0.0-beta3.1), express_mvc (>=4.1.1 <=4.3.10) +7 more potentially affected by CVE-2025-13465 +1 more via lodash-amd (>=4.16.4 <=4.17.23)
lodash-amd NPM version =4.16.4, =0.1.0, =4.1.1, =3.4.0, =0.0.1, =1.0.14, =0.0.7, =0.0.1, =0.1.5 - xirtam--matrix-operations =0.1.3 Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JS-LODASHAMD-15869622...
SUSE: Security Advisory (SUSE-SU-2026:20576-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-889607c7a0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2026:20251-1 Security update for cockpit-repos
This update for cockpit-repos fixes the following issues: Update to version 4.7. Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325. - CVE-2025-64718: js-yaml prototype pollution in merge bsc1255425...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.49 bug fix and security update
Red Hat OpenShift Container Platform release 4.17.49 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
SUSE-SU-2026:20576-1 Security update for cockpit-machines, cockpit
This update for cockpit-machines, cockpit fixes the following issues: - CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. bsc1257324 Changes in cockpit-machines: - Update to 346 346 - Performance improvements - Translation updates 345 - New virtual machines don't get SPI...
Important: Red Hat Security Advisory: pcs security update
An update for pcs is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
pcs security update
0.12.1-1.el101.2 - Fixed CVE-2025-13465 by updating pcs-web-ui to 0.1.23.1 Resolves: RHEL-144292...
cockpit-machines-346-2.1 on GA media (moderate)
cockpit-machines-346-2.1 on GA media Announcement ID: openSUSE-SU-2026:10147-1 Rating: moderate Cross-References: CVE-2025-13465 CVSS scores: CVE-2025-13465 SUSE : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H CVE-2025-13465 SUSE : 8.8...
cockpit-subscriptions-14.4-2.1 on GA media (moderate)
cockpit-subscriptions-14.4-2.1 on GA media Announcement ID: openSUSE-SU-2026:10150-1 Rating: moderate Cross-References: CVE-2025-13465 CVSS scores: CVE-2025-13465 SUSE : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H CVE-2025-13465 SUSE : 8.8...
Fedora: Security Advisory (FEDORA-2026-a75abb3f2b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-abd2d2d60c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : python-jupytext (2026-d3c5092654)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d3c5092654 advisory. See https://github.com/mwouts/jupytext/blob/main/CHANGELOG.md for changes in versions 1.19.0 and 1.19.1. This update contains a fix for CVE-2025-13465. Tenab...
CVE-2025-13465 vulnerabilities
Vulnerabilities for packages: json-server, prism, langfuse, jitsucom-jitsu, py3-jupyterlab, vitess, saf, kubeflow-centraldashboard, renovate, argo-workflows, npm-lodash, opensearch-dashboards, sqlpad, kubeflow-pipelines, ts-patch...
CVE-2025-13465 vulnerabilities
Vulnerabilities for packages: kubeflow-centraldashboard, npm-lodash, vitess, jitsucom-jitsu, sqlpad, pelias-api, opensearch-dashboards, prism, renovate, saf, py3-jupyterlab, argo-workflows, kibana, json-server, ts-patch, arangodb, redisinsight, librechat, langfuse, drupal,...