Lucene search
GitHub Advisory DatabaseGHSA-X86X-QHF8-F37WHistoryJun 07, 2024 - 10:20 p.m.
willdurand/js-translation-bundle potential path traversal attack and remote code injection
2024-06-0722:20:27
CWE-22
CWE-74
GitHub Advisory Database
github.com
4
security vulnerability
remote code injection
path traversal
javascript
translation bundle
7.7 High
AI Score
Confidence
Low
A path traversal and a javascript code injection vulnerabilities were identified in willdurand/js-translation-bundle versions prior to 2.1.1.
Affected configurations
Node
willdurandjs-translation-bundleRange<2.1.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| willdurand/js-translation-bundle | lt | 2.1.1 |
References
github.com/advisories/GHSA-x86x-qhf8-f37w
github.com/FriendsOfPHP/security-advisories/blob/master/willdurand/js-translation-bundle/2014-07-29-1.yaml
github.com/willdurand/BazingaJsTranslationBundle/commit/7accee93569c3f3d2379f035a41ece66522801fc
github.com/willdurand/BazingaJsTranslationBundle/commit/df6c0fd603c0192ebc5584991a52a1092c5f60bd
github.com/willdurand/BazingaJsTranslationBundle/releases/tag/v2.1.1
7.7 High
AI Score
Confidence
Low