Prototype Pollution

Overview dojo is a foundation package for the Dojo 1 Toolkit. While still being maintained, new development is primarily focused on modern Dojo. Affected versions of this package are vulnerable to Prototype Pollution. The deepCopy method within dojo could be tricked into adding or modifying...

CVE-2019-2227

CVE-2019-2227 affects Android devices via a DeepCopy bug in btif_av.cc that can trigger an out-of-bounds read, enabling remote information disclosure over Bluetooth without user interaction. The entry covers Android 9 and 10, with impact described as information disclosure (confidentiality) and a...

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix) (1)

/ Here's a snippet of JavascriptArray::BoxStackInstance. To fix issue 1420 , "deepCopy" was introduced. But it only deep-copies the array when "instance-head" is on the stack. So simply by adding a single line of code that allocates "head" to the heap, we can bypass the fix. template T...

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2) Exploit

Exploit for windows platform in category dos / poc / Here's a snippet of JavascriptArray::BoxStackInstance. template T JavascriptArray::BoxStackInstanceT instance, bool deepCopy AssertThreadContext::IsOnStackinstance; // On the stack, the we reserved a pointer before the object as to store the...

python security, bug fix, and enhancement update

2.6.6-64.0.1 - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma 2.6.6-64 - Enable use of deepcopy with instance methods Resolves: rhbz1223037 2.6.6-63 - Since -libs now provide python-ordered dict, added ordereddict dist-info to site-packages Resolves: rhbz1199997 2.6.6-...