Lucene search
K

12 matches found

Cvelist
Cvelist
added yesterday10 views

CVE-2026-15062 SQL Injection in Snowflake Snowpark Python SDK

SQL injection vulnerabilities in the Snowflake Snowpark Python SDK snowpark-python versions prior to 1.53.0 could allow authenticated low-privilege users to execute SQL beyond their authorization scope. An attacker could exploit these vulnerabilities by embedding SQL payloads in source database...

9.6CVSS
Exploits0References1
Veracode
Veracode
added 2025/11/13 7:32 a.m.5 views

Prototype Pollution

csvjson is vulnerable to Prototype Pollution. The vulnerability is due to improper validation of user-supplied input in the toCsv function, which allows an attacker to supply a crafted payload to inject properties on Object.prototype, potentially leading to denial of service DoS or unexpected...

7.5CVSS6.8AI score0.00365EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-31049

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.00365EPSS
Exploits0References4
Snyk
Snyk
added 2025/09/24 9:30 p.m.5 views

Prototype Pollution

Overview csvjson is a convert csv to json and json to csv Affected versions of this package are vulnerable to Prototype Pollution via the toCsv function. An attacker can cause a denial of service by injecting properties into Object.prototype through a crafted payload. Details Prototype Pollution ...

8.7CVSS8.1AI score0.00365EPSS
Exploits0References2
OSV
OSV
added 2025/09/24 9:30 p.m.5 views

GHSA-XQ4F-3JXP-QV6M csvjson vulnerable to prototype injection

A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...

7.5CVSS5.9AI score0.00365EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/09/24 9:30 p.m.9 views

csvjson vulnerable to prototype injection

A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...

7.5CVSS6.7AI score0.00365EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/09/24 9:15 p.m.6 views

CVE-2025-57318

A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...

7.5CVSS0.00365EPSS
Exploits0References2
OSV
OSV
added 2025/09/24 9:15 p.m.5 views

CVE-2025-57318

A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...

7.5CVSS5.8AI score0.00365EPSS
Exploits0References2
CVE
CVE
added 2025/09/24 12:0 a.m.16 views

CVE-2025-57318

CVE-2025-57318 affects the csvjson package (toCsv function) up to version 5.1.0. A crafted payload can pollute Object.prototype via unsafe merging/definition paths, enabling a denial of service (DoS) as the minimum impact. Remediation per multiple sources: upgrade to a version later than 5.1.0 or...

7.5CVSS6.3AI score0.00365EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.5 views

csvjson 安全漏洞

csvjson is a csv to json library by Pradeep Personal Developer. A security vulnerability exists in csvjson 5.1.0 and earlier versions, which stems from prototype contamination in the toCsv function, which allows an attacker to inject properties via a specially crafted payload, potentially resulti...

7.5CVSS6.3AI score0.00365EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/24 12:0 a.m.3 views

CVE-2025-57318

A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...

6.3AI score0.00365EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/24 12:0 a.m.10 views

CVE-2025-57318

A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...

0.00365EPSS
Exploits0References2
Rows per page
Query Builder