Tuesday, July 2, 2024 Security Releases
Summary The Node.js project will release new versions of the 22.x, 20.x, 18.x releases lines on or shortly after, Tuesday, July 2, 2024 in order to address: 1 high severity issues. 2 medium severity issues. 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...
7AI Score
marysedemay.com Cross Site Scripting vulnerability OBB-3939713
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
renobains.com Cross Site Scripting vulnerability OBB-3939712
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross...
2.4CVSS
EPSS
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross...
2.4CVSS
3.4AI Score
EPSS
CVE-2024-6415 Ingenico Estate Manager New Widget cross site scripting
A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Affected by this vulnerability is an unknown functionality of the file /emgui/rest/preferences/PREF_HOME_PAGE/sponsor/3/ of the component New Widget Handler. The manipulation of the argument URL leads to cross...
2.4CVSS
EPSS
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Affected is an unknown function of the file TS/export/contentpage of the component Export Page. The manipulation of the argument ID leads to direct request. It is possible to launch the attack remotely....
5.3CVSS
EPSS
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Affected is an unknown function of the file TS/export/contentpage of the component Export Page. The manipulation of the argument ID leads to direct request. It is possible to launch the attack remotely....
5.3CVSS
5.4AI Score
EPSS
CVE-2021-3996 affecting package util-linux 2.32.1-7
CVE-2021-3996 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...
5.5CVSS
5.9AI Score
0.0004EPSS
CVE-2021-3995 affecting package util-linux 2.32.1-7
CVE-2021-3995 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never...
5.5CVSS
5.9AI Score
0.0004EPSS
CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2
CVE-2023-44487 affecting package prometheus-adapter for versions less than 0.10.0-2. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2
CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2. A patched version of the package is...
7.5CVSS
8.9AI Score
0.732EPSS
CVE-2023-24537 affecting package golang for versions less than 1.20.7-1
CVE-2023-24537 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.5CVSS
7.8AI Score
0.001EPSS
CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18
CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15
CVE-2023-44487 affecting package containerized-data-importer for versions less than 1.55.0-15. A patched version of the package is...
7.5CVSS
8.5AI Score
0.732EPSS
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-44487 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2022-24963 affecting package apr for versions less than 1.7.2-1
CVE-2022-24963 affecting package apr for versions less than 1.7.2-1. A patched version of the package is...
9.8CVSS
6.9AI Score
0.059EPSS
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8. A patched version of the package is...
7.5CVSS
8.9AI Score
0.732EPSS
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.8CVSS
7.8AI Score
0.001EPSS
CVE-2023-39318 affecting package golang for versions less than 1.20.10-1
CVE-2023-39318 affecting package golang for versions less than 1.20.10-1. A patched version of the package is...
6.1CVSS
6.5AI Score
0.001EPSS
CVE-2023-39325 affecting package vitess for versions less than 16.0.2-5
CVE-2023-39325 affecting package vitess for versions less than 16.0.2-5. An upgraded version of the package is available that resolves this...
7.5CVSS
8.3AI Score
0.002EPSS
CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5
CVE-2023-44487 affecting package vitess for versions less than 16.0.2-5. An upgraded version of the package is available that resolves this...
7.5CVSS
8.8AI Score
0.732EPSS
CVE-2023-45853 affecting package rubygem-mini_portile2 for versions less than 2.8.0-1
CVE-2023-45853 affecting package rubygem-mini_portile2 for versions less than 2.8.0-1. A patched version of the package is...
9.8CVSS
9.7AI Score
0.001EPSS
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10
CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package packer for versions less than 1.8.1-14
CVE-2023-44487 affecting package packer for versions less than 1.8.1-14. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-48795 affecting package nmap for versions less than 7.93-2
CVE-2023-48795 affecting package nmap for versions less than 7.93-2. A patched version of the package is...
5.9CVSS
6.2AI Score
0.963EPSS
CVE-2023-44487 affecting package kube-vip-cloud-provider for versions less than 0.0.2-12
CVE-2023-44487 affecting package kube-vip-cloud-provider for versions less than 0.0.2-12. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package keda for versions less than 2.4.0-14
CVE-2023-44487 affecting package keda for versions less than 2.4.0-14. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-39319 affecting package golang for versions less than 1.20.10-1
CVE-2023-39319 affecting package golang for versions less than 1.20.10-1. A patched version of the package is...
6.1CVSS
6.5AI Score
0.001EPSS
CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13
CVE-2023-44487 affecting package cf-cli for versions less than 8.4.0-13. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2024-24788 affecting package golang for versions less than 1.22.3-1
CVE-2024-24788 affecting package golang for versions less than 1.22.3-1. A patched version of the package is...
7.3AI Score
0.0004EPSS
CVE-2024-30204 affecting package emacs for versions less than 29.3
CVE-2024-30204 affecting package emacs for versions less than 29.3. A patched version of the package is...
7.3AI Score
0.0005EPSS
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5
CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...
5.3CVSS
5.7AI Score
0.002EPSS
CVE-2023-44487 affecting package opa for versions less than 0.50.2-6
CVE-2023-44487 affecting package opa for versions less than 0.50.2-6. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package kubernetes for versions less than 1.28.3-1
CVE-2023-44487 affecting package kubernetes for versions less than 1.28.3-1. A patched version of the package is...
7.5CVSS
8.9AI Score
0.732EPSS
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
6.5CVSS
6.8AI Score
0.001EPSS
CVE-2023-39323 affecting package golang for versions less than 1.20.10-1
CVE-2023-39323 affecting package golang for versions less than 1.20.10-1. A patched version of the package is...
8.1CVSS
8.2AI Score
0.002EPSS
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
5.3CVSS
5.6AI Score
0.001EPSS
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10
CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5
CVE-2023-39325 affecting package cert-manager for versions less than 1.11.2-5. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-44487 affecting package coredns for versions less than 1.11.1-1
CVE-2023-44487 affecting package coredns for versions less than 1.11.1-1. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package node-problem-detector for versions less than 0.8.10-16
CVE-2023-44487 affecting package node-problem-detector for versions less than 0.8.10-16. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-44487 affecting package multus for versions less than 3.8-12
CVE-2023-44487 affecting package multus for versions less than 3.8-12. A patched version of the package is...
7.5CVSS
8.2AI Score
0.732EPSS
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1. A patched version of the package is...
9.8CVSS
9.8AI Score
0.003EPSS
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.3CVSS
7.4AI Score
0.001EPSS
CVE-2023-39325 affecting package coredns for versions less than 1.9.3-9
CVE-2023-39325 affecting package coredns for versions less than 1.9.3-9. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-24539 affecting package golang for versions less than 1.20.7-1
CVE-2023-24539 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.3CVSS
7.4AI Score
0.001EPSS
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
9.8CVSS
9.7AI Score
0.005EPSS
CVE-2022-41724 affecting package golang for versions less than 1.19.6-1
CVE-2022-41724 affecting package golang for versions less than 1.19.6-1. A patched version of the package is...
7.5CVSS
7.8AI Score
0.001EPSS
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2
CVE-2023-39325 affecting package golang for versions less than 1.20.7-2. A patched version of the package is...
7.5CVSS
7.8AI Score
0.002EPSS