CVE Vulnerabilities

CVE-2020-4988

Published: Dec 21, 2020 | Modified: Dec 22, 2020

CVSS 3.x

9.8

CRITICAL

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.x

7.5 HIGH

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-4988
CWE	https://cwe.mitre.org/data/definitions/.html

Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. IBM X-Force ID: 192706.

Affected Software

Name	Vendor	Start Version	End Version
Loopback	Ibm	8.0.0 (including)	8.0.0 (including)

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/192706

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.