9 matches found
SUSE CVE-2024-38526
pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1...
VulnCheck KEV: CVE-2024-38526
pdoc provides API Documentation for Python Projects. Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code...
WordPress TotalSurvey plugin <= 1.9.3 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin TotalSurvey versions = 1.9.3...
WordPress ShipAny plugin <= 1.1.52 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin ShipAny versions = 1.1.52...
WordPress Meal Tracker plugin <= 3.1.6 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Meal Tracker versions = 3.1.6...
WordPress Mine Video Player plugin <= 2.8.11 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Mine Video Player versions = 2.8.11...
WordPress WP User Frontend plugin <= 4.0.7 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin WP User Frontend versions = 4.0.7...
WordPress wp-code-highlightjs plugin <= 0.6.3 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin wp-code-highlightjs versions = 0.6.3...
GHSA-5VGJ-GGM4-FG62 pdoc embeds link to malicious CDN if math mode is enabled
Impact Documentation generated with pdoc --math linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. Users who produce documentation with math mode should update immediately. All other users are unaffected. Patches This issue has been fixed...