CVE-2025-8101 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce-fips...

@a.agiir/cinny (>=0.0.1 <=0.0.2), @a1tan/plugin-azure-openai (=0.4.0) +802 more potentially affected by CVE-2025-8101 via linkifyjs (>=4.0.0-beta.4 <=4.3.1)

linkifyjs NPM version =4.0.0-beta.4, =0.0.1, =0.1.0, =0.1.0, =1.0.0, =0.1.8, =0.1.10 - @alithya-oss/backstage-plugin-rag-ai =1.2.7 - @alithya-oss/backstage-plugin-time-saver =1.4.5 and more Source cves: CVE-2025-8101 Source advisory: SNYK:JS-LINKIFYJS-11502189...

@a.agiir/cinny (>=0.0.1 <=0.0.2), @a1tan/plugin-azure-openai (=0.4.0) +1203 more potentially affected by CVE-2025-8101 via linkifyjs (>=2.1.4 <=4.3.1)

linkifyjs NPM version =2.1.4, =0.0.1, =0.1.0, =0.1.0, =3.0.0, =0.4.1, =2.6.1, =0.1.1, =0.0.2, =0.25.0, =0.43.0 - @ajinkya-harness/backstage-ci-cd-test =0.9.0 - @alican.kuklaci/console-feed =3.5.0 - @alithya-oss/backstage-plugin-amazon-ecs =0.4.8 - @alithya-oss/backstage-plugin-aws-codebuild =0.5....

@a.agiir/cinny (>=0.0.1 <=0.0.2), @a1tan/plugin-azure-openai (=0.4.0) +790 more potentially affected by CVE-2025-8101 via linkify-react (>=4.0.0-beta.4 <=4.3.1)

linkify-react NPM version =4.0.0-beta.4, =0.0.1, =0.1.0, =0.1.0, =1.0.0, =0.1.8, =0.1.10 - @alithya-oss/backstage-plugin-rag-ai =1.2.7 - @alithya-oss/backstage-plugin-time-saver =1.4.5 and more Source cves: CVE-2025-8101 Source advisory: SNYK:JS-LINKIFYREACT-11502190...

CVE-2025-8101

A prototype pollution vulnerability was found in Linkify. This vulnerability allows an attacker to inject HTML attributes and manipulate user-controlled variables. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

CVE-2025-8101

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in Linkify linkifyjs allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables.This issue affects Linkify: from 4.3.1 before 4.3.2...

CVE-2025-8101

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in Linkify linkifyjs allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables.This issue affects Linkify: from 4.3.1 before 4.3.2...

CVE-2025-8101

CVE-2025-8101 affects the Linkify library (linkifyjs). It is a prototype pollution vulnerability in Linkify from version 4.3.1 prior to 4.3.2, enabling manipulation of Object.prototype and potential HTML attribute injection leading to XSS. The issue stems from improper handling of the proto path ...

CVE-2025-8101 Linkify 4.3.1 - Prototype Pollution & HTML Attribute Injection (XSS)

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in Linkify linkifyjs allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables.This issue affects Linkify: from 4.3.1 before 4.3.2...