PLSI
Company Details
Linkedin ID:
superindo
Employees number:
13,434
Number of followers:
582,858
NAICS:
43
Industry Type:
Homepage:
jobseeker.software
IP Addresses:
234
Company ID:
PT _2916998
Scan Status:
Completed
PT Lion Super Indo Company CyberSecurity Posture
jobseeker.software
Sejak tahun 1997, Super Indo telah bertumbuh dan berkembang di Indonesia melalui kemitraan bersama Ahold Delhaize yang berasal dari Belanda dan Salim Group dari Indonesia. Didukung lebih dari 10,000 karyawan* yang terlatih, Super Indo berhasil menyediakan berbagai macam barang kebutuhan sehari-hari berkualitas tinggi dengan harga ekonomis. Super Indo selalu menjaga kesegaran dan kualitas produk dengan cara memilih produsen yang baik dan juga menetapkan prosedur operasi standar yang selalu kami pantau. Super Indo juga berkomitmen untuk mengembangkan ekonomi lokal dengan menjalin kemitraan dengan petani lokal dan memberdayakan Usaha Mikro, Kecil, dan Menengah (UMKM) yang menyuplai produk berkualitas di gerai Super Indo. Hal ini membuat Super Indo menjadi pilihan terbaik untuk berbelanja karena kami lebih segar, lebih hemat, dan lebih dekat. Kami percaya bahwa Super Indo tidak hanya memberikan pelayanan yang terbaik dan produk yang berkualitas tinggi, tetapi juga memberikan kontribusi positif bagi komunitas dan menjadi bagian masyarakat yang lebih baik. Hal ini tercermin dari rangkaian kegiatan rutin kami yang mempromosikan gaya hidup sehat, aksi filantropi, hingga zero waste management. Dengan pertumbuhan yang memprioritaskan keberlanjutan, Super Indo selalu membuka peluang kerja untuk masyarakat Indonesia. Super Indo percaya bahwa untuk menginspirasi masyarakat dalam mengembangkan potensi karir adalah membuat lingkungan kerja yang sehat dan inklusif. Seluruh karyawan di Super Indo berkomitmen untuk selalu belajar, berkembang, dan meraih kesuksesan dengan memelihara nilai-nilai Keberanian (Courage), Integritas (Integrity), Kerjasama (Teamwork), Kepedulian (Care), dan Humor (Humor). Ayo bergabung dan berkembang bersama keluarga besar PT Lion Super Indo! Better place to work, better place to shop, better neighbor.
PT Lion Super Indo A.I CyberSecurity Scoring
PLSI Risk Score (AI oriented)Between 800 and 849
PLSI
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
PLSI Global Score (TPRM)XXXX
PLSI
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
PLSI Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Ahold Delhaize
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: A cybersecurity incident targeting **Ahold Delhaize**, the parent company of **Stop & Shop**, disrupted its U.S. distribution network, leading to widespread inventory shortages across multiple store locations, including Granby, Windsor, and Glastonbury. Customers reported empty or near-empty shelves, particularly in high-demand sections like meats (e.g., ground pork, turkey), dairy (yogurt, sour cream), and other perishables, resembling supply chain disruptions seen during the COVID-19 pandemic. The issue stemmed from a network breach affecting Ahold Delhaize’s systems, impairing deliveries and shipment coordination. While stores remained operational, the inability to restock critical products created frustration among shoppers, some of whom were unaware of the cyber-related cause until arriving at the store. Stop & Shop acknowledged the problem, attributing it to 'mitigation efforts' following the breach, but did not disclose the scope of affected locations or the expected resolution timeline. The incident highlights vulnerabilities in retail supply chains when cyber disruptions target backend logistics, directly impacting consumer access to essential goods during peak periods like Thanksgiving.
Ahold Delhaize
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Dutch conglomerate Ahold Delhaize, which owns major American supermarket brands, experienced a cyberattack in November that compromised the personal information of over 2.2 million people. Stolen data includes Social Security numbers, passports, financial account information, health information, and other sensitive employment data. The attack left customers unable to place delivery orders online, and several websites were offline. The INC ransomware gang claimed responsibility, stating they stole six terabytes of information. Ahold Delhaize has offered victims two years of credit monitoring services.
PLSI Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for PLSI
Incidents vs Retail Industry Average (This Year)
No incidents recorded for PT Lion Super Indo in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for PT Lion Super Indo in 2025.
Incident Types PLSI vs Retail Industry Avg (This Year)
No incidents recorded for PT Lion Super Indo in 2025.
Incident History — PLSI (X = Date, Y = Severity)
PLSI cyber incidents detection timeline including parent company and subsidiaries
PLSI Company Subsidiaries
Sejak tahun 1997, Super Indo telah bertumbuh dan berkembang di Indonesia melalui kemitraan bersama Ahold Delhaize yang berasal dari Belanda dan Salim Group dari Indonesia. Didukung lebih dari 10,000 karyawan* yang terlatih, Super Indo berhasil menyediakan berbagai macam barang kebutuhan sehari-hari berkualitas tinggi dengan harga ekonomis. Super Indo selalu menjaga kesegaran dan kualitas produk dengan cara memilih produsen yang baik dan juga menetapkan prosedur operasi standar yang selalu kami pantau. Super Indo juga berkomitmen untuk mengembangkan ekonomi lokal dengan menjalin kemitraan dengan petani lokal dan memberdayakan Usaha Mikro, Kecil, dan Menengah (UMKM) yang menyuplai produk berkualitas di gerai Super Indo. Hal ini membuat Super Indo menjadi pilihan terbaik untuk berbelanja karena kami lebih segar, lebih hemat, dan lebih dekat. Kami percaya bahwa Super Indo tidak hanya memberikan pelayanan yang terbaik dan produk yang berkualitas tinggi, tetapi juga memberikan kontribusi positif bagi komunitas dan menjadi bagian masyarakat yang lebih baik. Hal ini tercermin dari rangkaian kegiatan rutin kami yang mempromosikan gaya hidup sehat, aksi filantropi, hingga zero waste management. Dengan pertumbuhan yang memprioritaskan keberlanjutan, Super Indo selalu membuka peluang kerja untuk masyarakat Indonesia. Super Indo percaya bahwa untuk menginspirasi masyarakat dalam mengembangkan potensi karir adalah membuat lingkungan kerja yang sehat dan inklusif. Seluruh karyawan di Super Indo berkomitmen untuk selalu belajar, berkembang, dan meraih kesuksesan dengan memelihara nilai-nilai Keberanian (Courage), Integritas (Integrity), Kerjasama (Teamwork), Kepedulian (Care), dan Humor (Humor). Ayo bergabung dan berkembang bersama keluarga besar PT Lion Super Indo! Better place to work, better place to shop, better neighbor.
Loading...
PLSI Similar Companies
Bunnings
We are the leading retailer of home improvement and outdoor living products in Australia & New Zealand and a major supplier to project builders, commercial tradespeople and the housing industry. Our ambition is to provide our customers with the widest range of home improvement products in accordanc
Albert Heijn
Bij Albert Heijn geloven we dat eten en drinken een essentiële rol speelt bij de grote uitdagingen in de maatschappij. Het levert een belangrijke bijdrage aan een gezonde levensstijl, het verbindt mensen en draagt bij aan een beter klimaat en daarmee een duurzame samenleving. Onze missie is dan ook:
Harbor Freight Tools
We're a 45 year-old, $8 billion national tool retailer with the energy, enthusiasm, and growth potential of a start-up. We have over 1,600 stores in 48 states across the country and are opening several new locations every week. We offer our customers more than 7,000 tools and accessories, from hand
7-Eleven
7-Eleven introduced the world to convenience. And in return, the world made us the #1 convenience retailer. It started with a simple idea – give customers what they want, when and where they want it. That was 1927. And what started on a single ice dock in Dallas, Texas, has since grown to more than
Azadea Group
AZADEA Group is a premier lifestyle retail company that owns and operates more than 40+ leading international franchise concepts across the Middle East and Africa. With over 13,500 employees, dedicated offices in every market it operates, and world-class infrastructure, the company oversees over 700
Specsavers
Specsavers began 40 years ago with the vision of two optometrists, Doug and Mary Perkins, who set out to provide best-value eyecare to everybody. Their passion for optometry has led Specsavers to become the largest privately-owned optical group in the world, delivering high-quality, affordable opt
At PetSmart, we’ll do Anything for Pets. ❤️🐾 And the people who love them! Because we’re those people, too. Pets inspire and motivate us to bring our best selves to work each day. Our associates are devoted to ensuring that pets’ lives are happy and healthy. So, naturally, we’re devoted to ensuring
Sobeys
As one of only two national grocery retailers in Canada, Sobeys Inc. serves the food shopping needs of Canadians with more than 1,500 stores in 10 provinces with retail banners that include Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods and Lawtons Drugs, as well as more than
Comercial Mexicana
Nuestra misión es ser la tienda de autoservicio preferida por el consumidor, que entregue altos rendimientos a sus inversionistas; ser un cliente honesto y respetuoso para sus proveedores y representar una de las mejores ofertas laborales del país. Nuestra visión es ser la cadena de tiendas de au
.png)
PLSI CyberSecurity News
November 27, 2025 01:41 PM
Essential ways to build a robust cybersecurity strategy for the new year
Entering the new year with a robust cybersecurity strategy is essential. Threats are growing more sophisticated, often leveraging AI to craft...
November 27, 2025 01:00 PM
2026: The Rise of AI-Powered Cybercrime
As human-free cybercrime and AI agents redefine digital threats, Mexico must modernize cybersecurity to address new risks, writes Oscar...
November 27, 2025 01:00 PM
Data breaches, but worse: When hackers target our public services | Opinion
Hackers took password data from emergency alert system CodeRED. The data we hand over for public services often goes to private companies.
November 27, 2025 12:57 PM
6 Ways AI Is Quietly Reshaping Enterprise Cybersecurity
Artificial intelligence is changing how enterprises defend digital systems. It no longer acts as an optional tool but as a key part of daily...
November 27, 2025 12:36 PM
FDA could intensify focus on medtech cybersecurity in 2026
The FDA's cybersecurity dictates around premarket applications' have been in effect since 2023, with more post-market oversight expected...
November 27, 2025 12:30 PM
Buy 3 Cybersecurity Stocks Ahead of Cyber Monday for Long-Term Gains
Ahead of Cyber Monday, picks highlight long-term cybersecurity potential as CRWD, QLYS and CYBR leverage rising demand for advanced...
November 27, 2025 11:21 AM
FCC Chairman Carr’s trust in telecom-led cybersecurity is audacious
The Federal Communications Commission (FCC) decision late last week to rescind a telecom cybersecurity ruling enacted during the last days...
November 27, 2025 10:31 AM
New telecom cybersecurity rules in force, DoT clarifies enforcement status
New telecom cybersecurity rules in force, DoT clarifies enforcement status - New Delhi [India] November 27 : The Department of...
November 27, 2025 10:24 AM
SGS Highlights Cybersecurity Capabilities With World’s First EU RED-NB Certification and Cybersecurity Mark
HONG KONG, Nov. 26, 2025 /PRNewswire/ -- SGS, the world's leading testing, inspection and certification company, has awarded Ruijie Networks...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
PLSI CyberSecurity History Information
Official Website of PT Lion Super Indo
The official website of PT Lion Super Indo is https://superindo.jobseeker.software/.
PT Lion Super Indo’s AI-Generated Cybersecurity Score
According to Rankiteo, PT Lion Super Indo’s AI-generated cybersecurity score is 804, reflecting their Good security posture.
How many security badges does PT Lion Super Indo’ have ?
According to Rankiteo, PT Lion Super Indo currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does PT Lion Super Indo have SOC 2 Type 1 certification ?
According to Rankiteo, PT Lion Super Indo is not certified under SOC 2 Type 1.
Does PT Lion Super Indo have SOC 2 Type 2 certification ?
According to Rankiteo, PT Lion Super Indo does not hold a SOC 2 Type 2 certification.
Does PT Lion Super Indo comply with GDPR ?
According to Rankiteo, PT Lion Super Indo is not listed as GDPR compliant.
Does PT Lion Super Indo have PCI DSS certification ?
According to Rankiteo, PT Lion Super Indo does not currently maintain PCI DSS compliance.
Does PT Lion Super Indo comply with HIPAA ?
According to Rankiteo, PT Lion Super Indo is not compliant with HIPAA regulations.
Does PT Lion Super Indo have ISO 27001 certification ?
According to Rankiteo,PT Lion Super Indo is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of PT Lion Super Indo
PT Lion Super Indo operates primarily in the Retail industry.
Number of Employees at PT Lion Super Indo
PT Lion Super Indo employs approximately 13,434 people worldwide.
Subsidiaries Owned by PT Lion Super Indo
PT Lion Super Indo presently has no subsidiaries across any sectors.
PT Lion Super Indo’s LinkedIn Followers
PT Lion Super Indo’s official LinkedIn profile has approximately 582,858 followers.
NAICS Classification of PT Lion Super Indo
PT Lion Super Indo is classified under the NAICS code 43, which corresponds to Retail Trade.
PT Lion Super Indo’s Presence on Crunchbase
No, PT Lion Super Indo does not have a profile on Crunchbase.
PT Lion Super Indo’s Presence on LinkedIn
Yes, PT Lion Super Indo maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/superindo.
Cybersecurity Incidents Involving PT Lion Super Indo
As of November 27, 2025, Rankiteo reports that PT Lion Super Indo has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
PT Lion Super Indo has an estimated 15,247 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at PT Lion Super Indo ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Cyber Attack.
How does PT Lion Super Indo detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with two years of credit monitoring services for victims, and incident response plan activated with likely (mitigation efforts mentioned), and remediation measures with working to resolve the issue and restore deliveries, and communication strategy with public statement confirming stores remain open but with limited inventory; signs posted in some locations..
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Ahold Delhaize
Description: Ahold Delhaize, a Dutch conglomerate behind major American supermarket brands, suffered a cyberattack in November that compromised the information of more than 2.2 million people. The stolen information includes Social Security numbers, passports, financial account information, health information, and other sensitive employment data.
Date Detected: 2023-11-06
Date Publicly Disclosed: 2023-04-01
Type: Data Breach
Threat Actor: INC ransomware gang
Motivation: Data Theft
Title: Cybersecurity Issue Disrupts Distribution at Stop & Shop Stores
Description: A cybersecurity issue affecting Ahold Delhaize, the parent company of Stop & Shop, has led to distribution problems across multiple store locations, including Granby, Windsor, and Glastonbury. Customers reported shortages of meats, dairy products, and other essentials, with shelves appearing bare in some sections. Stop & Shop confirmed the issue stems from a cybersecurity problem in its U.S. network, disrupting deliveries and shipments. The company is working to resolve the issue but has not disclosed the number of affected locations or the full scope of the incident.
Date Publicly Disclosed: 2024-11-17
Type: Operational Disruption
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach AHO615062825
Data Compromised: Social security numbers, Passports, Financial account information, Health information, Sensitive employment data
Systems Affected: Online ordering systems
Downtime: Customers unable to place delivery orders online
Incident : Operational Disruption AHO3943639102725
Systems Affected: Distribution NetworkInventory Management
Operational Impact: Disrupted deliveries and shipments leading to product shortages in stores
Customer Complaints: Reports of empty shelves and low supplies on social media (e.g., 'Simsbury Neighbors Unite' Facebook group)
Brand Reputation Impact: Customer concern and surprise; potential erosion of trust due to supply chain disruptions
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Social Security Numbers, Passports, Financial Account Information, Health Information, Sensitive Employment Data and .
Which entities were affected by each incident ?
Incident : Data Breach AHO615062825
Entity Name: Ahold Delhaize
Entity Type: Corporate
Industry: Retail
Location: USA
Size: More than 2,000 stores
Customers Affected: More than 2.2 million
Incident : Operational Disruption AHO3943639102725
Entity Name: Stop & Shop
Entity Type: Retail (Grocery Chain)
Industry: Retail
Location: Granby, CTWindsor, CTGlastonbury, CTSimsbury, CT (reported via social media)
Incident : Operational Disruption AHO3943639102725
Entity Name: Ahold Delhaize
Entity Type: Parent Company
Industry: Retail
Location: U.S. Network
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach AHO615062825
Communication Strategy: Two years of credit monitoring services for victims
Incident : Operational Disruption AHO3943639102725
Incident Response Plan Activated: Likely (mitigation efforts mentioned)
Remediation Measures: Working to resolve the issue and restore deliveries
Communication Strategy: Public statement confirming stores remain open but with limited inventory; signs posted in some locations
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Likely (mitigation efforts mentioned).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach AHO615062825
Type of Data Compromised: Social security numbers, Passports, Financial account information, Health information, Sensitive employment data
Number of Records Exposed: More than 2.2 million
Sensitivity of Data: High
Data Exfiltration: 6 terabytes of information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Working to resolve the issue and restore deliveries.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach AHO615062825
Ransomware Strain: INC
Data Exfiltration: 6 terabytes of information
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach AHO615062825
Regulatory Notifications: Filed documents with regulators in Maine
References
Where can I find more information about each incident ?
Incident : Data Breach AHO615062825
Source: News Article
Incident : Operational Disruption AHO3943639102725
Source: WFSB (CBS Connecticut)
URL: https://www.wfsb.com
Date Accessed: 2024-11-17
Incident : Operational Disruption AHO3943639102725
Source: WGGB (ABC Western Massachusetts)
URL: https://www.wggb.com
Date Accessed: 2024-11-17
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: News Article, and Source: WFSB (CBS Connecticut)Url: https://www.wfsb.comDate Accessed: 2024-11-17, and Source: WGGB (ABC Western Massachusetts)Url: https://www.wggb.comDate Accessed: 2024-11-17.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Operational Disruption AHO3943639102725
Investigation Status: Ongoing (company working to resolve the issue)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Two years of credit monitoring services for victims and Public statement confirming stores remain open but with limited inventory; signs posted in some locations.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Operational Disruption AHO3943639102725
Stakeholder Advisories: Public statement acknowledging limited inventory due to cybersecurity issue
Customer Advisories: Signs posted in some stores notifying customers of impacted deliveries
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Public statement acknowledging limited inventory due to cybersecurity issue and Signs posted in some stores notifying customers of impacted deliveries.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an INC ransomware gang.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-11-06.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-11-17.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Social Security numbers, Passports, Financial account information, Health information, Sensitive employment data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Distribution NetworkInventory Management.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Sensitive employment data, Financial account information, Social Security numbers, Health information and Passports.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.2M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are WFSB (CBS Connecticut), WGGB (ABC Western Massachusetts) and News Article.
What is the most recent URL for additional resources on cybersecurity best practices ?
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://www.wfsb.com, https://www.wggb.com .
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (company working to resolve the issue).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Public statement acknowledging limited inventory due to cybersecurity issue, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Signs posted in some stores notifying customers of impacted deliveries.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=superindo' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
