12 matches found
CVE-2022-2564
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...
GHSA-RC4V-99CR-PJCM Prototype Pollution in ali-security/mongoose
Impact This vulnerability causes a Prototype Pollution in document.js, through functions such as findByIdAndUpdate. For applications using Express and EJS, this can potentially allow remote code execution. Patches The original patched version for mongoose 5.3.3 did not include a fix for...
Prototype Pollution in ali-security/mongoose
Impact This vulnerability causes a Prototype Pollution in document.js, through functions such as findByIdAndUpdate. For applications using Express and EJS, this can potentially allow remote code execution. Patches The original patched version for mongoose 5.3.3 did not include a fix for...
CVE-2022-24304
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2564. Reason: This candidate is a duplicate of CVE-2022-2564. Notes: All CVE users should reference CVE-2022-2564 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2022-24304
CVE-2022-24304 is rejected/not used; reference CVE-2022-2564 instead.
CVE-2022-2564
creationtimestamp| type| source ---|---|--- 2022-07-29 00:12:47+00:00| seen| https://t.me/cibsecurity/47245...
1405-authtokens (>=1.0.1 <=1.0.5), 1405_logging (=1.0.0) +3986 more potentially affected by CVE-2022-2564 via mongoose (>=1.0.0 <=5.13.14)
mongoose NPM version =1.0.0, =1.0.1, =1.0.7, =0.0.1, =0.0.2, =0.3.0, =0.0.1, =0.17.6, =0.0.1, =1.0.16, =1.0.30, =3.7.0, =3.8.2 and more Source cves: CVE-2022-2564 Source advisory: OSV:GHSA-F825-F98C-GJ3G...
CVE-2022-2564
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...
CVE-2022-2564
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...
CVE-2022-2564
CVE-2022-2564 covers a Prototype Pollution vulnerability in automattic/mongoose prior to 6.4.6. Some connected records describe the issue as prototype pollution via Schema.path, which could enable modification of the Object prototype and, per related advisories, potential DoS scenarios. The publi...
CVE-2022-2564 Prototype Pollution in automattic/mongoose
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...
CVE-2022-2564 Prototype Pollution in automattic/mongoose
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6...