EUVD-2021-2394

Malware in sbrugna...

GHSA-V5VG-G7RQ-363W Prototype Pollution in json-pointer

This affects versions of package json-pointer up to and including 0.6.1. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays...

CVE-2021-23820

This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays...

CVE-2021-23820

This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays...

Type confusion

This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays...

Prototype Pollution

Overview json-pointer is a set of utilities for JSON pointers described by RFC 6901 Affected versions of this package are vulnerable to Prototype Pollution. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays. PoC const pointer =...

Prototype Pollution

Overview json-pointer before 0.6.1 is vulnerable to prototype pollution. Multiple reference of object using slash is supported. Recommendation Upgrade to version 0.6.1 or later References - CVE - GitHub Advisory...

@amitport/koangular-users (=0.0.0), @antimatter-studios/dredd (>=14.1.0 <=15.0.11) +202 more potentially affected by CVE-2020-7709 via json-pointer (>=0.0.4 <=0.6.0)

json-pointer NPM version =0.0.4, =14.1.0, =0.0.1, =0.0.2, =0.0.1, =1.2.6, =2.7.2, =1.0.0, =0.0.0-development, =1.0.0, =2.21.3, =0.1.0, =1.0.1 - ajv-moment =1.0.0 and more Source cves: CVE-2020-7709 Source advisory: OSV:GHSA-7MG4-W3W5-X5PC...

CVE-2020-7709

creationtimestamp| type| source ---|---|--- 2020-10-05 12:26:53+00:00| seen| https://t.me/cibsecurity/15042 2021-11-03 21:23:24+00:00| seen| https://t.me/cibsecurity/31764 2025-03-06 02:16:32+00:00| seen| Telegram/5Po-rRJ6sich4EZN5FageLUhiZbI1ydUPANPdiBuGfsReJA...

CVE-2020-7709

This affects the package json-pointer before 0.6.1. Multiple reference of object using slash is supported...

CVE-2020-7709

CVE-2020-7709 affects the json-pointer package prior to 0.6.1. A type confusion vulnerability occurs when pointer components are arrays, which can bypass the fix for CVE-2020-7709. The issue has been echoed downstream in related advisories (e.g., CVE-2021-23820) and is discussed in npm advisory e...

CVE-2020-7709 Prototype Pollution

This affects the package json-pointer before 0.6.1. Multiple reference of object using slash is supported...

@amitport/koangular-users (=0.0.0), @antimatter-studios/dredd (>=14.1.0 <=15.0.11) +202 more potentially affected by CVE-2020-7709 via json-pointer (>=0.0.4 <=0.6.0)

json-pointer NPM version =0.0.4, =14.1.0, =0.0.1, =0.0.2, =0.0.1, =1.2.6, =2.7.2, =1.0.0, =0.0.0-development, =1.0.0, =2.21.3, =0.1.0, =1.0.1 - ajv-moment =1.0.0 and more Source cves: CVE-2020-7709 Source advisory: SNYK:JS-JSONPOINTER-596925...