CVE-2026-12208

A flaw was found in the jsonata JavaScript library. A prototype pollution vulnerability exists in the createFrame function in src/jsonata.js, allowing a remote attacker to manipulate object prototype attributes. This could lead to unauthorized modification of application behavior. Mitigation Do n...

CVE-2026-12208 jsonata-js jsonata Function Binding Frame System jsonata.js createFrame prototype pollution

A weakness has been identified in jsonata-js jsonata up to 2.2.0. The affected element is the function createFrame of the file src/jsonata.js of the component Function Binding Frame System. This manipulation causes improperly controlled modification of object prototype attributes. It is possible ...

EUVD-2026-36682

A weakness has been identified in jsonata-js jsonata up to 2.2.0. The affected element is the function createFrame of the file src/jsonata.js of the component Function Binding Frame System. This manipulation causes improperly controlled modification of object prototype attributes. It is possible ...

SUSE CVE-2016-1971

The I420VideoFrame::CreateFrame function in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows omits an unspecified status check, which might allow remote attackers to cause a denial of service memory corruption or possibly have other impact via unknown vectors...

CVE-2015-8480

The VideoFramePool::PoolImpl::CreateFrame function in media/base/videoframepool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service out-of-bounds memory access or possibly have...