Lucene search
K

4 matches found

OSV
OSV
added 2026/02/18 11:22 a.m.4 views

OPENSUSE-SU-2026:20251-1 Security update for cockpit-repos

This update for cockpit-repos fixes the following issues: Update to version 4.7. Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325. - CVE-2025-64718: js-yaml prototype pollution in merge bsc1255425...

8.2CVSS6.7AI score0.01535EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 5:42 a.m.7 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "tomcat-embed-core-10.1.46.jar, js-yaml-4.1.0.tgz, keras-2.14.0-py3-none-any.whl, logback-core-1.5.18.jar, werkzeug-3.0.6-py3-none-any.whl" which are vulnerable to "CVE-2025-61795, CVE-2025-64718, CVE-2025-12058, CVE-2025-11226, CVE-2025-66221". This...

7CVSS7.6AI score0.01139EPSS
Exploits0Affected Software1
Chainguard
Chainguard
added 2025/11/21 1:26 a.m.7 views

CVE-2025-64718 vulnerabilities

Vulnerabilities for packages: vitess, librechat, sqlpad, langfuse, drupal, prism, pulumi, gitlab-rails-ce, kibana, kubeflow-pipelines, saf, semaphore, thingsboard, redisinsight, lerna, opensearch-dashboards-fips, jitsucom-jitsu, code-server, arangodb, argo-workflows, gitlab-rails-ce-fips, eslint,...

5.3CVSS6.4AI score0.00414EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/11/13 3:32 p.m.6 views

CVE-2025-64718

js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution proto. All users who parse untrusted yaml documents may be impacted. The problem is patched in...

5.3CVSS6.2AI score0.00414EPSS
Exploits0
Rows per page
Query Builder