6 matches found
RLSA-2026:19167 Important: pcs security update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 For more details about the security issues, including the impact, a CVSS score,...
RHEL 10 : pcs (RHSA-2026:10713)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10713 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary co...
Fedora 42 : yarnpkg (2026-7a6943e57d)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7a6943e57d advisory. Refresh vendor bundle, fixes CVE-2026-4800. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
CVE-2026-4800 vulnerabilities
Vulnerabilities for packages: jitsucom-jitsu, ts-patch, kubeflow-pipelines, opensearch-dashboards, kubeflow-centraldashboard, py3-jupyterlab, renovate, kubeflow-katib, code-server, tensorflow-cpu-jupyter, argo-workflows, prism, langfuse, json-server, saf, vitess, sqlpad, npm...
Linux Distros Unpatched Vulnerability : CVE-2026-4800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: The fix for CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm added validation for the variable option in .template but did not apply the...
org.webjars.npm:angular-tree-component (>=3.2.3 <=3.7.2), org.webjars.npm:chevrotain (>=11.0.3 <=11.1.2) +72 more potentially affected by CVE-2021-23337 +1 more via org.webjars.npm:lodash-es (>=4.17.21 <=4.17.4)
org.webjars.npm:lodash-es MAVEN version =4.17.21, =3.2.3, =11.0.3, =11.0.3, =11.0.3, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =44.1.0, =39.0.1, =44.3.0 and more Source cves: CVE-2021-23337, CVE-2026-4800 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869632...