Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2019-19507
HistoryDec 02, 2019 - 4:17 p.m.

CVE-2019-19507

2019-12-0216:17:45
mitre
www.cve.org
5

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

45.3%

JSON

In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by ‘constructor’: {‘name’:‘Array’}. This affects validate(). Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.

Related

cve 1
prion 1
nvd 1
osv 1
githubexploit 1
github 1
veracode 1
cve
cve
CVE-2019-19507
2019-12-02 17:15:13
prion
prion
Design/Logic Flaw
2019-12-02 17:15:00
nvd
nvd
CVE-2019-19507
2019-12-02 17:15:13
osv
osv
Validation bypass is possible in Json Pattern Validator
2019-12-04 21:25:28
githubexploit
githubexploit
Exploit for Improper Authentication in Json Pattern Validator Project Json Pattern Validator
2020-12-01 09:18:58
github
github
Validation bypass is possible in Json Pattern Validator
2019-12-04 21:25:28
veracode
veracode
Prototype Pollution
2019-12-04 03:21:47

AI Score

5.1

Confidence

High

EPSS

0.001

Percentile

45.3%

JSON
Related for CVELIST:CVE-2019-19507
cve1prion1nvd1osv1githubexploit1github1veracode1