Lucene search

Rest Data Services Security Vulnerabilities

cve

CVE-2021-32012

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 1 of...

5.5CVSS

5.4AI Score

0.001EPSS

2021-07-19 02:15 PM

cve

CVE-2021-32013

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 2 of...

5.5CVSS

5.4AI Score

0.001EPSS

2021-07-19 02:15 PM

cve

CVE-2021-32014

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by...

5.5CVSS

5.4AI Score

0.001EPSS

2021-07-19 02:15 PM

cve

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native...

6.1CVSS

6.5AI Score

0.035EPSS

2019-04-20 12:29 AM

1186

In Wild

cve

CVE-2017-9735

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect...

7.5CVSS

7.2AI Score

0.003EPSS

2017-06-16 09:29 PM

117