FKIE_CVE-2026-44494

Vulnerability from fkie_nvd - Published: 2026-06-11 17:16 - Updated: 2026-07-08 13:16
Summary
Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.16.0, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into a full Man-in-the-Middle (MITM) attack — intercepting, reading, and modifying all HTTP traffic including authentication credentials. The HTTP adapter at lib/adapters/http.js:670 reads config.proxy via standard property access, which traverses the prototype chain. Because proxy is not present in Axios defaults, the merged config object has no own proxy property, making it trivially injectable via prototype pollution. Once injected, setProxy() routes all HTTP requests through the attacker's proxy server. This vulnerability is fixed in 1.16.0.
References
security-advisories@github.comhttps://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95whExploit, Mitigation, Vendor Advisory
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:20889
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:20938
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:26234
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:27044
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:28964
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:29082
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:29197
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:29800
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:29864
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:30650
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:30651
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:33005
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:33155
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:33160
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:33163
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:33173
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:33183
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:33574
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:34525
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:34527
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:34530
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:34794
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/errata/RHSA-2026:36108
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://access.redhat.com/security/cve/CVE-2026-44494
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://bugzilla.redhat.com/show_bug.cgi?id=2487942
134c704f-9b21-4f2e-91b3-4a467353bcc0https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95whExploit, Mitigation, Vendor Advisory
0b0ca135-0b70-47e7-9f44-1890c2a1c46chttps://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44494.json
Impacted products
Vendor Product Version
axios axios *

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "axios",
          "vendor": "axios",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.0, \u003c 1.16.0"
            }
          ]
        }
      ],
      "source": "security-advisories@github.com"
    },
    {
      "affectedData": [
        {
          "cpes": [
            "cpe:/a:redhat:acm:2.13::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.10::el8"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4.13::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Container Native Virtualization 4.13",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4.14::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Container Native Virtualization 4.14",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhdh:1.9::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Developer Hub 1.9",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.19::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.19",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.20::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.20",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.21::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.21",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4.22::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4.22",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:service_mesh:2.6::el8"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Service Mesh 2.6",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:service_mesh:3.0::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Service Mesh 3.0",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:service_mesh:3.1::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Service Mesh 3.1",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:service_mesh:3.2::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Service Mesh 3.2",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:service_mesh:3.3::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Service Mesh 3.3",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:satellite:6.19::el9"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Satellite 6.19",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:multicluster_engine:2.8::el9"
          ],
          "defaultStatus": "affected",
          "product": "multicluster engine for Kubernetes 2.8",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:cryostat:4"
          ],
          "defaultStatus": "affected",
          "product": "Cryostat 4",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:migration_toolkit_applications:8"
          ],
          "defaultStatus": "affected",
          "product": "Migration Toolkit for Applications 8",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:rhmt:1"
          ],
          "defaultStatus": "affected",
          "product": "Migration Toolkit for Containers",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:network_observ_optr:1"
          ],
          "defaultStatus": "affected",
          "product": "Network Observability Operator",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:amq_broker:7"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat AMQ Broker 7",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:apache_camel_hawtio:4"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat build of Apache Camel - HawtIO 4",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:apicurio_registry:3"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat build of Apicurio Registry 3",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:podman_desktop:0"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Build of Podman Desktop - Tech Preview",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:jboss_data_grid:8"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Data Grid 8",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:3"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:jboss_fuse:7"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Fuse 7",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:quay:3"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Quay 3",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:2"
          ],
          "defaultStatus": "affected",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:ansible_portal:2"
          ],
          "defaultStatus": "affected",
          "product": "Self-service automation portal 2",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:gatekeeper:3"
          ],
          "defaultStatus": "unaffected",
          "product": "Gatekeeper 3",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "unaffected",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:red_hat_3scale_amp:2"
          ],
          "defaultStatus": "unaffected",
          "product": "Red Hat 3scale API Management Platform 2",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/a:redhat:camel_spring_boot:4"
          ],
          "defaultStatus": "unaffected",
          "product": "Red Hat build of Apache Camel for Spring Boot 4",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*",
              "matchCriteriaId": "BE82EB7B-A379-416F-9737-4191F720B8C6",
              "versionEndExcluding": "1.16.0",
              "versionStartIncluding": "1.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.16.0, the Axios library is vulnerable to a Prototype Pollution \"Gadget\" attack that allows any Object.prototype pollution in the application\u0027s dependency tree to be escalated into a full Man-in-the-Middle (MITM) attack \u2014 intercepting, reading, and modifying all HTTP traffic including authentication credentials. The HTTP adapter at lib/adapters/http.js:670 reads config.proxy via standard property access, which traverses the prototype chain. Because proxy is not present in Axios defaults, the merged config object has no own proxy property, making it trivially injectable via prototype pollution. Once injected, setProxy() routes all HTTP requests through the attacker\u0027s proxy server. This vulnerability is fixed in 1.16.0."
    }
  ],
  "id": "CVE-2026-44494",
  "lastModified": "2026-07-08T13:16:46.677",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.8,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.8,
        "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2026-44494",
          "options": [
            {
              "exploitation": "poc"
            },
            {
              "automatable": "no"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2026-06-11T00:00:00+00:00",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2026-06-11T17:16:33.313",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:20889"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:20938"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:26234"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:27044"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:28964"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:29082"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:29197"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:29800"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:29864"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:30650"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:30651"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:33005"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:33155"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:33160"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:33163"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:33173"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:33183"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:33574"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:34525"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:34527"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:34530"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:34794"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/errata/RHSA-2026:36108"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://access.redhat.com/security/cve/CVE-2026-44494"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487942"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/axios/axios/security/advisories/GHSA-35jp-ww65-95wh"
    },
    {
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44494.json"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-441"
        },
        {
          "lang": "en",
          "value": "CWE-1321"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-915"
        }
      ],
      "source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…