2424 matches found
CVE-2021-20083
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20083
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype...
Buffer overflow
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-bbq 1.2.1 allows a malicious user to inject properties into Object.prototype...
Buffer overflow
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20083
CVE-2021-20083 corresponds to a prototype-pollution vulnerability in the JavaScript library jquery-plugin-query-object at version 2.2.3 . The issue, described as “Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution),” allows a malicious user to inject properties...
CVE-2021-20083
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20084
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-sparkle 1.5.2-beta allows a malicious user to inject properties into Object.prototype...
CVE-2021-20084
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-sparkle 1.5.2-beta allows a malicious user to inject properties into Object.prototype...
CVE-2021-20087
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20087
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype...
Buffer overflow
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype...
Buffer overflow
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-sparkle 1.5.2-beta allows a malicious user to inject properties into Object.prototype...
CVE-2021-20086
CVE-2021-20086 affects jquery-bbq 1.2.1 and involves prototype pollution through improper modification of Object.prototype. The published materials describe that an attacker could inject properties into Object.prototype, enabling manipulation of application behavior. IBM and related sources link ...
CVE-2021-20086
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-bbq 1.2.1 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20087
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20087
The CVE-2021-20087 entry concerns jquery-deparam 0.5.1, where an improper control over Object.prototype attributes enables prototype pollution (injecting properties into Object.prototype). The vulnerability is caused by modifying prototype objects in a way that affects all objects created afterwa...
CVE-2021-20084
CVE-2021-20084 affects jquery-sparkle version 1.5.2-beta, where an improperly controlled modification of Object.prototype leads to prototype pollution. The root cause is injection of properties into Object.prototype, enabling manipulation of derived objects and potential downstream impact. CVSS m...
CVE-2021-20084
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-sparkle 1.5.2-beta allows a malicious user to inject properties into Object.prototype...
AZL-45213 CVE-2021-31597 affecting package js-jquery 3.5.0-4
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized when the property exists but is undefined is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected...
jquery-sparkle 安全漏洞
jquery-sparkle is an application. jQuery's "Don't Repeat Yourself" plugin/effects framework. A security vulnerability exists in jquery-sparkle 1.5.2-beta, which arises from an improperly controlled modification that allows a malicious user to inject properties into Object...