Lucene search
Redhat.comRH:CVE-2019-20149HistoryMay 13, 2021 - 5:51 a.m.
CVE-2019-20149
2021-05-1305:51:53
redhat.com
access.redhat.com
142
nodejs-kind-of
internal attributes
type detection manipulation
EPSS
0.001
Percentile
38.8%
A flaw was found in nodejs-kind-of. An external user is allowed input to overwrite certain internal attributes via a conflicting name, as demonstrated by ‘constructor’: {‘name’:‘Symbol’}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
Related
cbl_mariner
cbl_mariner
CVE-2019-20149 affecting package js-jquery for versions less than 3.5.0-4
2024-08-15 10:17:57
CVE-2019-20149 affecting package js-jquery for versions less than 3.5.0-4
2024-09-03 12:26:21
ubuntucve
ubuntucve
CVE-2019-20149
2019-12-30 00:00:00
githubexploit
githubexploit
Exploit for Exposure of Resource to Wrong Sphere in Kind-Of Project Kind-Of
2020-12-01 09:18:58
nessus
nessus
CBL Mariner 2.0 Security Update: js-jquery (CVE-2019-20149)
2024-09-12 00:00:00
RHEL 8 : nodejs-kind-of (Unpatched Vulnerability)
2024-05-11 00:00:00
Splunk Enterprise < 8.1.14, 8.2.0 < 8.2.11, 9.0.0 < 9.0.5 (SVD-2023-0613)
2024-05-02 00:00:00
osv
osv
Validation Bypass in kind-of
2020-03-31 15:59:54
CVE-2019-20149
2019-12-30 19:15:11
debiancve
debiancve
CVE-2019-20149
2019-12-30 19:15:11
nvd
nvd
CVE-2019-20149
2019-12-30 19:15:11
github
github
Validation Bypass in kind-of
2020-03-31 15:59:54
veracode
veracode
Prototype Pollution
2019-12-17 02:47:19
cvelist
cvelist
CVE-2019-20149
2019-12-30 18:25:10
prion
prion
Design/Logic Flaw
2019-12-30 19:15:00
cve
cve
CVE-2019-20149
2019-12-30 19:15:11
ibm
ibm
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
2023-08-01 14:54:42
Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.
2021-03-29 21:46:36
Security Bulletin: OSS security Scan issues for Concerto installer.
2020-12-08 06:37:17
redhat
redhat