Comparison Overview
VALRHONA销售有限公司.jpeg)

VALRHONA
14, avenue Président Roosevelt, Tain l'Hermitage, 26602, FR
Last Update: 03/04/2026
Valrhona’s story began in 1922 with passion, commitment and excellence as its guiding lights. Ever since, these three values have paved our way, allowing us to push back the boundaries of creativity and flavor. Alongside our partners and customers, we imagine the best o...
销售有限公司.jpeg)
Lee Kum Kee (China) Trading Limited
徐汇区南宁路970号李锦记大厦22F、23F、25F, 上海市, CN
Last Update: 05/04/2026
Established in 1888 , Lee Kum Kee is an international household name in authentic Asian sauces and condiments , as well as "a symbol of quality and trust". As a globally renowned Chinese multinational corporation , Lee Kum Kee now offers over 200 types of sauce and cond...
Compliance Ranges Comparison

VALRHONA






销售有限公司.jpeg)
Lee Kum Kee (China) Trading Limited






Benchmark & Cyber Underwriting Signals
Incidents vs Food and Beverage Manufacturing Industry Avg (This Year)
No incidents recorded for VALRHONA in 2026.
Incidents vs Food and Beverage Manufacturing Industry Avg (This Year)
No incidents recorded for Lee Kum Kee (China) Trading Limited in 2026.
Incident History - VALRHONA (X = Date, Y = Severity)
VALRHONA cyber incidents detection timeline including parent company and subsidiaries.
Incident History - Lee Kum Kee (China) Trading Limited (X = Date, Y = Severity)
Lee Kum Kee (China) Trading Limited cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents

VALRHONA
销售有限公司.jpeg)
Lee Kum Kee (China) Trading Limited
FAQ
Latest Global CVEs
Authentication bypass using an alternate path or channel in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform tampering over a network.
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAWS() in TelnetIO.java:856-879 reads client-supplied width and height as 16-bit unsigned integers and passes values such as 65535x65535 to setTerminalGeometry(), allowing an unauthenticated remote attacker to repeatedly alternate values and trigger continuous expensive rendering work that causes CPU exhaustion and denial of service. This issue is fixed in versions 3.30.14, 4.0.16, and 4.2.1.
- https://github.com/jline/jline3/commit/3ea9cad8699714dc072fade29d36be0d1e23d708
- https://github.com/jline/jline3/commit/733eb353dca7b0ea0252e724445b6defa29c393e
- https://github.com/jline/jline3/commit/86b7ba7801988aadb1a67555629522a71d603bd3
- https://github.com/jline/jline3/pull/2000
- https://github.com/jline/jline3/releases/tag/4.0.16
- https://github.com/jline/jline3/releases/tag/4.2.1
- https://github.com/jline/jline3/security/advisories/GHSA-2r2c-cx56-8933
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and TelnetIO.readNEVariables() in TelnetIO.java:1127-1180 stores each variable pair in a HashMap held by ConnectionData, allowing an unauthenticated attacker to flood unique variable pairs before the terminating IAC SE byte and exhaust JVM heap memory with an OutOfMemoryError. This issue is fixed in versions 3.30.14, 4.0.16, and 4.2.1.
- https://github.com/jline/jline3/commit/0389f0ee6d0375901b602671ad5dafd4d1d4ee09
- https://github.com/jline/jline3/commit/4ee3a73849ffb9a85ec748e4e8cd8f6d81f84f40
- https://github.com/jline/jline3/commit/934f09e6128cee33c2b13d42b6e859c1ee2d194b
- https://github.com/jline/jline3/pull/2000
- https://github.com/jline/jline3/pull/2001
- https://github.com/jline/jline3/releases/tag/4.0.16
- https://github.com/jline/jline3/releases/tag/4.2.1
- https://github.com/jline/jline3/releases/tag/jline-3.30.14
- https://github.com/jline/jline3/security/advisories/GHSA-47qp-hqvx-6r3f
Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network.
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the _.merge(target, source) utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keys(source). When source was produced by JSON.parse and contains a __proto__, constructor, or prototype key, that key is returned as an own-enumerable property; the recursive merge then resolves target['__proto__'] to Object.prototype and writes attacker-supplied properties onto it, polluting the prototype for all plain objects in the process for the lifetime of the Node process. This issue is fixed in version 5.0.45.