Lucene search
K

7 matches found

Circl
Circl
added 2022/05/14 12:27 a.m.6 views

CVE-2022-25862

creationtimestamp| type| source ---|---|--- 2022-05-14 00:27:22+00:00| seen| https://t.me/cibsecurity/42696...

7.5CVSS7.3AI score0.00689EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/05/14 12:1 a.m.6 views

colorcat (>=0.0.2 <=0.2.10), karg (=0.1.2) +10 more potentially affected by CVE-2020-7618 +1 more via sds (>=1.14.1 <=4.4.0)

sds NPM version =1.14.1, =0.0.2, =0.2.2, =0.55.1, =1.0.0, =0.0.1, =0.1.1, =0.0.1, =1.0.3, =0.4.16, =0.1.1, =1.0.1, =1.0.2 Source cves: CVE-2020-7618, CVE-2022-25862 Source advisory: OSV:GHSA-PH28-WWFJ-FV7F...

7.5CVSS6.4AI score0.01114EPSS
Exploits2
OSV
OSV
added 2022/05/13 8:15 p.m.4 views

CVE-2022-25862

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

7.5CVSS5.8AI score0.00689EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/05/13 8:5 p.m.36 views

CVE-2022-25862 Prototype Pollution

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

4CVSS6.4AI score0.00689EPSS
Exploits1References2
CVE
CVE
added 2022/05/13 8:5 p.m.68 views

CVE-2022-25862

The CVE-2022-25862 entry concerns the npm package sds, affected from version 0.0.0 onward. The vulnerability is a prototype pollution flaw caused by the set function in js/set.js, which can allow an attacker to add or modify properties on Object.prototype. This defect stems from an incomplete fix...

7.5CVSS5.1AI score0.00689EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/05/13 8:0 p.m.3 views

CVE-2022-25862

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

7.5CVSS6.4AI score0.01114EPSS
Exploits2References3
vulnersOsv
vulnersOsv
added 2022/01/27 2:40 p.m.5 views

colorcat (>=0.0.2 <=0.2.10), karg (=0.1.2) +10 more potentially affected by CVE-2020-7618 +1 more via sds (>=1.14.1 <=4.4.0)

sds NPM version =1.14.1, =0.0.2, =0.2.2, =0.55.1, =1.0.0, =0.0.1, =0.1.1, =0.0.1, =1.0.3, =0.4.16, =0.1.1, =1.0.1, =1.0.2 Source cves: CVE-2020-7618, CVE-2022-25862 Source advisory: SNYK:JS-SDS-2385944...

7.5CVSS6.4AI score0.01114EPSS
Exploits2
Rows per page
Query Builder