Latest critical severity vulnerabilities for "ibm watson query with cloud pak for data as a service" 2.0

IBM Data Virtualization on Cloud Pak for DataDOMPurify vulnerable to tampering by prototype polution

critical

9.1

First published (updated )

CVE-2024-48910

IBM Data Virtualization on Cloud Pak for DataDOMPurify nesting-based mXSS

critical

10

First published (updated )

CVE-2024-47875

maven/org.apache.cxf:cxf-rt-rs-service-descriptionApache CXF: SSRF vulnerability via WADL stylesheet parameter

critical

9.1

First published (updated )

CVE-2024-29736

ubuntu/node-ipSSRF

critical

9.8

First published (updated )

CVE-2023-42282

Babel (BabelJS NodeJS)Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code

critical

9.4

First published (updated )

CVE-2023-45133

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

IBM Data Virtualization on Cloud Pak for DataVersions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to impro…

critical

9.8

First published (updated )

CVE-2023-26136

IBM Data Virtualization on Cloud Pak for DataStarcounter-Jack JSON-Patch prototype pollution

critical

9.8

First published (updated )

CVE-2021-4279

redhat/eap7-apache-cxfApache CXF SSRF Vulnerability

critical

9.8

First published (updated )

CVE-2022-46364

IBM Data Virtualization on Cloud Pak for DataRemote Code execution in SnakeYAML

critical

9.8

First published (updated )

CVE-2022-1471

FedoraGNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simp…

critical

9.1

First published (updated )

CVE-2021-46848

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Juniper Security Threat Response ManagerApache commons_text(CVE-2022-42889) and commons_configuration (CVE-2022-33980) vulnerability

critical

9.8

First published (updated )

CVE-2022-42889

IBM Data Virtualization on Cloud Pak for DataPrototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils 2.…

critical

9.8

First published (updated )

CVE-2022-37601

IBM Data Virtualization on Cloud Pak for DataCode Injection, Command Injection

critical

9.8

First published (updated )

CVE-2022-29078

IBM Data Virtualization on Cloud Pak for DataAuthorization Bypass Through User-Controlled Key in unshiftio/url-parse

critical

9.8

First published (updated )

CVE-2022-0691

IBM Data Virtualization on Cloud Pak for DataAuthorization Bypass Through User-Controlled Key in unshiftio/url-parse

critical

9.1

First published (updated )

CVE-2022-0686

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

IBM Data Virtualization on Cloud Pak for DataUnauthenticated remote code injection in cron-utils

critical

10

First published (updated )

CVE-2021-41269

npm/set-valuePrototype Pollution

critical

9.8

First published (updated )

CVE-2021-23440

redhat jboss enterprise application platformLast updated 24 July 2024

critical

9.1

First published (updated )

CVE-2019-20445

redhat jboss enterprise application platformXSS

critical

9.1

First published (updated )

CVE-2019-20444

maven/com.fasterxml.jackson.core:jackson-databindInput Validation

critical

9.8

First published (updated )

CVE-2018-7489

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

IBM Data Virtualization on Cloud Pak for DataDOMPurify vulnerable to tampering by prototype polution

IBM Data Virtualization on Cloud Pak for DataDOMPurify nesting-based mXSS

maven/org.apache.cxf:cxf-rt-rs-service-descriptionApache CXF: SSRF vulnerability via WADL stylesheet parameter

ubuntu/node-ipSSRF

Babel (BabelJS NodeJS)Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataVersions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to impro…

IBM Data Virtualization on Cloud Pak for DataStarcounter-Jack JSON-Patch prototype pollution

redhat/eap7-apache-cxfApache CXF SSRF Vulnerability

IBM Data Virtualization on Cloud Pak for DataRemote Code execution in SnakeYAML

FedoraGNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simp…

Never miss a vulnerability like this again

Juniper Security Threat Response ManagerApache commons_text(CVE-2022-42889) and commons_configuration (CVE-2022-33980) vulnerability

IBM Data Virtualization on Cloud Pak for DataPrototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils 2.…

IBM Data Virtualization on Cloud Pak for DataCode Injection, Command Injection

IBM Data Virtualization on Cloud Pak for DataAuthorization Bypass Through User-Controlled Key in unshiftio/url-parse

IBM Data Virtualization on Cloud Pak for DataAuthorization Bypass Through User-Controlled Key in unshiftio/url-parse

Never miss a vulnerability like this again

IBM Data Virtualization on Cloud Pak for DataUnauthenticated remote code injection in cron-utils

npm/set-valuePrototype Pollution

redhat jboss enterprise application platformLast updated 24 July 2024

redhat jboss enterprise application platformXSS

maven/com.fasterxml.jackson.core:jackson-databindInput Validation

Never miss a vulnerability like this again

Company

Resources

Contact