Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMADFE973D8DE75277E9EFC45721D8E95AA276E7A47E8AD912E51F9030BD45EBD5
HistoryJun 17, 2019 - 4:45 p.m.

Security Bulletin: Potential denial of service vulnerability in IBM Decision Optimization for Watson Studio Local

2019-06-1716:45:01
www.ibm.com
11

0.002 Low

EPSS

Percentile

64.5%

JSON

Summary

There is a potential denial of service vulnerability in IBM Decision Optimization for Watson Studio Local

Vulnerability Details

CVEID:CVE-2019-5428
**DESCRIPTION:*Node.js jQuery module is vulnerable to a denial of service, caused by a prototype pollution flaw. By sending a specially-crafted request to inject properties on Object.prototype, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160026&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Watson Studio (Decision Optimization) Affected Versions
IBM Decision Optimization for Watson Studio Local 1.2.3.x and and earlier releases

Remediation/Fixes

Node.js jQuery module v3.4.0 and subsequent releases

You are strongly encourage to upgrade to IBM Decision Optimization for Watson Studio Local 1.2.3.2

Workarounds and Mitigations

None

Related

ibm 1
github 1
cvelist 1
nodejs 1
cve 1
nvd 1
openvas 1
githubexploit 2
kitploit 1
oracle 1
ibm
ibm
Security Bulletin: Secure Gateway is affected by a Denial of Service vulnerability (CVE-2019-5428)
2019-07-29 18:44:19
github
github
Duplicate Advisory: Prototype Pollution in jquery
2019-04-23 15:59:10
cvelist
cvelist
CVE-2019-5428
2019-04-22 20:41:25
nodejs
nodejs
Prototype Pollution
2019-04-02 21:06:11
cve
cve
CVE-2019-5428
2019-04-22 21:29:00
nvd
nvd
CVE-2019-5428
2019-04-22 21:29:00
openvas
openvas
jQuery < 3.4.0 Object Extensions Vulnerability
2019-04-25 00:00:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Jquery
2019-03-30 10:03:36
Exploit for Cross-site Scripting in Jquery
2020-04-14 19:12:01
kitploit
kitploit
Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI
2019-11-05 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00

0.002 Low

EPSS

Percentile

64.5%

JSON
Related for ADFE973D8DE75277E9EFC45721D8E95AA276E7A47E8AD912E51F9030BD45EBD5
ibm1github1cvelist1nodejs1cve1nvd1openvas1githubexploit2kitploit1oracle1