Lucene search
K

5 matches found

Circl
Circl
added 2022/06/18 12:23 a.m.4 views

CVE-2022-25871

creationtimestamp| type| source ---|---|--- 2022-06-18 00:23:13+00:00| seen| https://t.me/cibsecurity/44761...

7.5CVSS7.3AI score0.011EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/06/18 12:0 a.m.4 views

@mohamed.abdelall/omni-backend (>=1.0.0 <=1.1.53), generator-rest (=0.2.0) +7 more potentially affected by CVE-2022-25871 via querymen (=2.1.4)

querymen NPM version =2.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on querymen and may be impacted: - @mohamed.abdelall/omni-backend =1.0.0, =0.0.1, =1.0.0, =1.0.0, =0.1.0, =1.0.14, =1.0.6, =1.4.10 - vulnogram =0.1.0-rc1 Source cves: CVE-2022-258...

7.5CVSS7.1AI score0.011EPSS
Exploits1
Cvelist
Cvelist
added 2022/06/17 8:5 p.m.29 views

CVE-2022-25871 Prototype Pollution

All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handlertype, name, fn can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of CVE-2020-7600...

5.9CVSS6.3AI score0.011EPSS
Exploits1References1
CVE
CVE
added 2022/06/17 8:5 p.m.69 views

CVE-2022-25871

Summary (CVE-2022-25871) : Affects the Node.js middleware querymen . It allows Prototype Pollution through the parameters of the exported function handler(type, name, fn) when user-controlled input is not sanitized; this stems from an incomplete fix of CVE-2020-7600. The CVE entry notes the vulne...

7.5CVSS5.5AI score0.011EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2022/02/02 1:19 p.m.5 views

@mohamed.abdelall/omni-backend (>=1.0.0 <=1.1.53), generator-rest (=0.2.0) +7 more potentially affected by CVE-2020-7600 +1 more via querymen (=2.1.4)

querymen NPM version =2.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on querymen and may be impacted: - @mohamed.abdelall/omni-backend =1.0.0, =0.0.1, =1.0.0, =1.0.0, =0.1.0, =1.0.14, =1.0.6, =1.4.10 - vulnogram =0.1.0-rc1 Source cves: CVE-2020-760...

7.5CVSS6.6AI score0.01127EPSS
Exploits2
Rows per page
Query Builder