Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 9:32 p.m.8 views

CVE-2022-2564

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

9.8CVSS6.6AI score0.32676EPSS
Exploits1References1
OSV
OSV
added 2023/10/17 2:21 p.m.52 views

GHSA-RC4V-99CR-PJCM Prototype Pollution in ali-security/mongoose

Impact This vulnerability causes a Prototype Pollution in document.js, through functions such as findByIdAndUpdate. For applications using Express and EJS, this can potentially allow remote code execution. Patches The original patched version for mongoose 5.3.3 did not include a fix for...

10CVSS8.3AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/10/17 2:21 p.m.51 views

Prototype Pollution in ali-security/mongoose

Impact This vulnerability causes a Prototype Pollution in document.js, through functions such as findByIdAndUpdate. For applications using Express and EJS, this can potentially allow remote code execution. Patches The original patched version for mongoose 5.3.3 did not include a fix for...

7.3AI score
Exploits0References4Affected Software1
NVD
NVD
added 2022/08/26 5:15 a.m.15 views

CVE-2022-24304

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2564. Reason: This candidate is a duplicate of CVE-2022-2564. Notes: All CVE users should reference CVE-2022-2564 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

Exploits0
CVE
CVE
added 2022/08/26 4:44 a.m.67 views

CVE-2022-24304

CVE-2022-24304 is rejected/not used; reference CVE-2022-2564 instead.

8.1AI score
Exploits0
Circl
Circl
added 2022/07/29 12:12 a.m.9 views

CVE-2022-2564

creationtimestamp| type| source ---|---|--- 2022-07-29 00:12:47+00:00| seen| https://t.me/cibsecurity/47245...

9.8CVSS7.2AI score0.32676EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/07/29 12:0 a.m.5 views

1405-authtokens (>=1.0.1 <=1.0.5), 1405_logging (=1.0.0) +3986 more potentially affected by CVE-2022-2564 via mongoose (>=1.0.0 <=5.13.14)

mongoose NPM version =1.0.0, =1.0.1, =1.0.7, =0.0.1, =0.0.2, =0.3.0, =0.0.1, =0.17.6, =0.0.1, =1.0.16, =1.0.30, =3.7.0, =3.8.2 and more Source cves: CVE-2022-2564 Source advisory: OSV:GHSA-F825-F98C-GJ3G...

9.8CVSS7.1AI score0.32676EPSS
Exploits1
NVD
NVD
added 2022/07/28 8:15 p.m.27 views

CVE-2022-2564

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

9.8CVSS0.32676EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/07/28 8:15 p.m.4 views

CVE-2022-2564

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

9.8CVSS7.1AI score0.32676EPSS
Exploits1References5
CVE
CVE
added 2022/07/28 3:21 p.m.119 views

CVE-2022-2564

CVE-2022-2564 covers a Prototype Pollution vulnerability in automattic/mongoose prior to 6.4.6. Some connected records describe the issue as prototype pollution via Schema.path, which could enable modification of the Object prototype and, per related advisories, potential DoS scenarios. The publi...

9.8CVSS8.1AI score0.32676EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2022/07/28 3:21 p.m.21 views

CVE-2022-2564 Prototype Pollution in automattic/mongoose

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

7CVSS6.7AI score0.32676EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/07/28 3:21 p.m.32 views

CVE-2022-2564 Prototype Pollution in automattic/mongoose

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...

7CVSS9.7AI score0.32676EPSS
Exploits1References4
Rows per page
Query Builder