Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:59 a.m.7 views

CVE-2020-7600

querymen prior to 2.1.4 allows modification of object properties. The parameters of exported function handlertype, name, fn can be controlled by users without any sanitization. This could be abused for Prototype Pollution attacks...

5.3CVSS6.7AI score0.01127EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6101

Malicious code in bioql PyPI...

7.5CVSS6.1AI score0.011EPSS
Exploits1References2
Circl
Circl
added 2022/06/18 12:23 a.m.6 views

CVE-2020-7600

creationtimestamp| type| source ---|---|--- 2022-06-18 00:23:13+00:00| seen| https://t.me/cibsecurity/44761...

5.3CVSS5.8AI score0.01127EPSS
Exploits1References1
CVE
CVE
added 2022/06/17 8:5 p.m.69 views

CVE-2022-25871

Summary (CVE-2022-25871) : Affects the Node.js middleware querymen . It allows Prototype Pollution through the parameters of the exported function handler(type, name, fn) when user-controlled input is not sanitized; this stems from an incomplete fix of CVE-2020-7600. The CVE entry notes the vulne...

7.5CVSS5.5AI score0.011EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2022/02/02 1:19 p.m.5 views

@mohamed.abdelall/omni-backend (>=1.0.0 <=1.1.53), generator-rest (=0.2.0) +7 more potentially affected by CVE-2020-7600 +1 more via querymen (=2.1.4)

querymen NPM version =2.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on querymen and may be impacted: - @mohamed.abdelall/omni-backend =1.0.0, =0.0.1, =1.0.0, =1.0.0, =0.1.0, =1.0.14, =1.0.6, =1.4.10 - vulnogram =0.1.0-rc1 Source cves: CVE-2020-760...

7.5CVSS6.6AI score0.01127EPSS
Exploits2
CVE
CVE
added 2020/03/12 10:25 p.m.80 views

CVE-2020-7600

The CVE-2020-7600 entry concerns the Node.js package querymen, where versions prior to 2.1.4 are vulnerable to Prototype Pollution. The vulnerability arises from the ability to control the parameters of the exported function handler(type, name, fn) without proper sanitization, enabling an attacke...

5.3CVSS5.4AI score0.01127EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder