5 matches found
EUVD-2022-2258
Malicious code in bioql PyPI...
@alma3lol/react-mvvm (>=1.0.0 <=1.3.0), @alveo-vl/jsalveo (=0.1.0) +280 more potentially affected by CVE-2022-21189 via dexie (>=1.3.6 <=3.2.1)
dexie NPM version =1.3.6, =1.0.0, =0.1.0, =2.1.0-testnet.79, =2.2.0-alpha.5, =0.5.1, =0.1.29-alpha.0, =0.0.1, =0.8.7, =0.9.14, =0.9.21, =0.9.14, =0.5.1, =1.0.0 and more Source cves: CVE-2022-21189 Source advisory: OSV:GHSA-3XGX-R9J4-QW9W...
@bildvitta/vuex-offline (>=3.0.0-beta.0 <=3.0.0-beta.3), @indexeddb-orm/idb-orm (>=0.0.1 <=0.0.3) +4 more potentially affected by CVE-2022-21189 via dexie (>=4.0.0-alpha.1 <=4.0.0-alpha.2)
dexie NPM version =4.0.0-alpha.1, =3.0.0-beta.0, =0.0.1, =1.0.0, =1.0.0, =11.5.0, =12.4.1 Source cves: CVE-2022-21189 Source advisory: OSV:GHSA-3XGX-R9J4-QW9W...
Dexie 安全漏洞
Dexie is a wrapper library for indexedDB a standard database in the browser that provides a clean database API. A security vulnerability exists in Dexie versions prior to 3.2.2, 4.0.0-alpha.1 through 4.0.0-alpha.3, which can be exploited by an attacker to cause a Denial of Service DoS attack...
@amedia/user (>=0.1.0 <=0.3.2), @aztec/alpha-sdk (=2.2.0) +61 more potentially affected by CVE-2022-21189 via dexie (>=3.0.0-rc.3 <=3.0.3)
dexie NPM version =3.0.0-rc.3, =0.1.0, =2.1.0-testnet.79, =2.2.0-alpha.5, =0.0.1-beta.1, =0.2.20, =0.14.37, =1.0.0, =2.2.0-alpha.3, =0.5.7, =0.5.7, =0.0.3, =0.0.3, =0.0.3, =0.0.6 and more Source cves: CVE-2022-21189 Source advisory: SNYK:JS-DEXIE-2607042...