Lucene search
K

4 matches found

EUVD
EUVD
added 2026/05/04 5:45 a.m.16 views

EUVD-2026-26917

A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...

6.9CVSS5.7AI score0.00631EPSS
Exploits0References6
Snyk
Snyk
added 2026/03/11 12:31 a.m.4 views

Prototype Pollution

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to Prototype Pollution in parseBody, when the dot option is enabled. An attacker can supply objects with proto properties, which may later be merged by other functions in the application,...

6.3CVSS6.3AI score
Exploits0References2
OSV
OSV
added 2026/03/11 12:31 a.m.3 views

GHSA-V8W9-8MX6-G223 Hono vulnerable to Prototype Pollution possible through __proto__ key allowed in parseBody({ dot: true })

Summary When using parseBody dot: true in HonoRequest, specially crafted form field names such as proto.x could create objects containing a proto property. If the parsed result is later merged into regular JavaScript objects using unsafe merge patterns, this may lead to prototype pollution in the...

4.8CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/11 12:31 a.m.18 views

Hono vulnerable to Prototype Pollution possible through __proto__ key allowed in parseBody({ dot: true })

Summary When using parseBody dot: true in HonoRequest, specially crafted form field names such as proto.x could create objects containing a proto property. If the parsed result is later merged into regular JavaScript objects using unsafe merge patterns, this may lead to prototype pollution in the...

5.8AI score
Exploits0References3Affected Software1
Rows per page
Query Builder