266 matches found

OSV
added 2021/11/19 8:16 p.m., 78 views

GHSA-896R-F27R-55MW json-schema is vulnerable to Prototype Pollution

json-schema before version 0.4.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 8.8 AI score, 0.01262 EPSS
Exploits: 1, References: 8
RedhatCVE
added 2021/11/18 6:1 p.m., 62 views

CVE-2021-3918

The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code...

9.8 CVSS, 9.2 AI score, 0.01262 EPSS
Exploits: 1, References: 3
CNVD
added 2021/11/16 12:0 a.m., 34 views

json-schema has an unspecified vulnerability

json-schema is a historical repository of early development of the JSON Schema specification and implementation. json-schema suffers from a security vulnerability that stems from improper control of object prototype properties ("prototype pollution"). No...

9.8 CVSS, 2.6 AI score, 0.01262 EPSS
Exploits: 1, References: 1
Veracode
added 2021/11/15 4:42 a.m., 51 views

Prototype Pollution

json-schema is vulnerable to prototype pollution. An attacker can inject properties into existing construct prototypes via the checkObj function in validate.js and modify attributes such as __proto__ and constructor...

9.8 CVSS, 4.5 AI score, 0.01262 EPSS
Exploits: 1, References: 5, Affected Software: 5
OSV
added 2021/11/13 9:15 a.m., 23 views

CVE-2021-3918

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 6.6 AI score
Exploits: 0, References: 4
NVD
added 2021/11/13 9:15 a.m., 21 views

CVE-2021-3918

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 0.01262 EPSS
Exploits: 1, References: 4
OSV
added 2021/11/13 9:15 a.m., 2 views

DEBIAN-CVE-2021-3918

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 7.1 AI score, 0.01262 EPSS
Exploits: 1, References: 1
Prion
added 2021/11/13 9:15 a.m., 21 views

Code injection

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

7.5 CVSS, 9.2 AI score, 0.01262 EPSS
Exploits: 1, References: 3, Affected Software: 2
UbuntuCve
added 2021/11/13 9:15 a.m., 78 views

CVE-2021-3918

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 6.8 AI score, 0.01262 EPSS
Exploits: 1, References: 4
OSV
added 2021/11/13 9:15 a.m., 1 views

UBUNTU-CVE-2021-3918

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 6.8 AI score, 0.01262 EPSS
Exploits: 1, References: 5
Cvelist
added 2021/11/13 12:0 a.m., 24 views

CVE-2021-3918 Prototype Pollution in kriszyp/json-schema

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 9.7 AI score, 0.01262 EPSS
Exploits: 1, References: 3
CNNVD
added 2021/11/13 12:0 a.m., 1 views

json-schema security vulnerability

json-schema is a historical repository of early development of the JSON Schema specification and implementation. json-schema suffers from a security vulnerability that stems from improper control of object prototype properties ("prototype pollution"). No...

9.8 CVSS, 7.3 AI score, 0.01262 EPSS
Exploits: 1, References: 28
CVE
added 2021/11/13 12:0 a.m., 516 views

CVE-2021-3918

CVE-2021-3918 affects json-schema (kriszyp/json-schema) and is a Prototype Pollution vulnerability in the JSON Schema validator. Connected documents identify node-json-schema as affected with concrete remediation in Debian 10: package node-json-schema version 0.2.3-1+deb10u1 fixes the issue. Othe...

9.8 CVSS, 9.6 AI score, 0.01262 EPSS
Exploits: 1, References: 4, Affected Software: 1
Debian CVE
added 2021/11/13 12:0 a.m., 33 views

CVE-2021-3918

json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

9.8 CVSS, 7.9 AI score, 0.01262 EPSS
Exploits: 1
Huntr
added 2021/10/03 1:8 p.m., 48 views

Prototype Pollution in kriszyp/json-schema

Description A constructed payload sent to validate will lead to prototype pollution. Proof of Concept // PoC.js const validate = require"json-schema"; const instance = JSON.parse "$schema": "type": "object", "properties": "proto": "type": "object", "properties": "polluted": "type": "string",...

7.5 CVSS, 1.9 AI score, 0.01262 EPSS
Exploits: 1
OSV
added 2021/09/21 6:41 p.m., 16 views

GHSA-4JG2-84C2-PJ95 Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina

Impact: Anyone who is using the default presets and/or does not handle the functionality themselves. Patches: It is impossible to fully guard against this, because users have access to the original raw information. However, as of version 1, if you only access the constrained models, you will not...

9.9 CVSS, 9.2 AI score, 0.00473 EPSS
Exploits: 1, References: 3
Github Security Blog
added 2021/09/21 6:41 p.m., 52 views

Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina

Impact: Anyone who is using the default presets and/or does not handle the functionality themselves. Patches: It is impossible to fully guard against this, because users have access to the original raw information. However, as of version 1, if you only access the constrained models, you will not...

9.9 CVSS, 8.4 AI score, 0.00473 EPSS
Exploits: 1, References: 3, Affected Software: 1
IBM Security Bulletins
added 2021/06/04 9:41 p.m., 39 views

Security Bulletin: CVE-2020-15366 An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2.

Summary: CVE-2020-15366. An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an...

6.8 CVSS, 2.2 AI score, 0.00331 EPSS
Exploits: 0, Affected Software: 1
OpenVAS
added 2021/05/27 12:0 a.m., 16 views

Fedora: Security Advisory for python-fastapi (FEDORA-2021-e7fabd81fb)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

7.5 CVSS, 7.6 AI score, 0.00066 EPSS
Exploits: 0, References: 2
Fedora
added 2021/05/23 1:7 a.m., 141 views

[SECURITY] Fedora 34 Update: python-fastapi-0.65.1-2.fc34

FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.6+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go (thanks to Starlette and Pydantic). One of the fastest Python...

5 CVSS, 5.8 AI score, 0.00066 EPSS
Exploits: 0