Lucene search
GoogleOSV:DLA-3760-1HistoryMar 14, 2024 - 12:00 a.m.
node-xml2js - security update
2024-03-1400:00:00
Google
osv.dev
8
security update
node-xml2js
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.6%
Bulletin has no description
| CPE | Name | Operator | Version |
|---|---|---|---|
| node-xml2js | eq | 0.2.8-1.1 | |
| node-xml2js | eq | 0.2.8-1 |
Related
ubuntucve
ubuntucve
CVE-2023-0842
2023-04-05 00:00:00
ibm
ibm
debian
debian
[SECURITY] [DLA 3760-1] node-xml2js security update
2024-03-14 20:06:14
openvas
openvas
Debian: Security Advisory (DLA-3760-1)
2024-03-15 00:00:00
veracode
veracode
Prototype Pollution
2023-04-11 04:10:22
redhatcve
redhatcve
CVE-2023-0842
2023-05-05 17:21:29
debiancve
debiancve
CVE-2023-0842
2023-04-05 20:15:07
cve
cve
CVE-2023-0842
2023-04-05 20:15:07
osv
osv
xml2js is vulnerable to prototype pollution
2023-04-05 21:30:24
prion
prion
Code injection
2023-04-05 20:15:00
nessus
nessus
Debian dla-3760 : node-xml2js - security update
2024-03-14 00:00:00
RHEL 8 : xml2js (Unpatched Vulnerability)
2024-06-03 00:00:00
nvd
nvd
CVE-2023-0842
2023-04-05 20:15:07
cvelist
cvelist
CVE-2023-0842
2023-04-05 00:00:00
github
github
xml2js is vulnerable to prototype pollution
2023-04-05 21:30:24
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
39.6%
Related for OSV:DLA-3760-1