12 matches found
CVE-2026-15062 SQL Injection in Snowflake Snowpark Python SDK
SQL injection vulnerabilities in the Snowflake Snowpark Python SDK snowpark-python versions prior to 1.53.0 could allow authenticated low-privilege users to execute SQL beyond their authorization scope. An attacker could exploit these vulnerabilities by embedding SQL payloads in source database...
Prototype Pollution
csvjson is vulnerable to Prototype Pollution. The vulnerability is due to improper validation of user-supplied input in the toCsv function, which allows an attacker to supply a crafted payload to inject properties on Object.prototype, potentially leading to denial of service DoS or unexpected...
EUVD-2025-31049
Malicious code in bioql PyPI...
Prototype Pollution
Overview csvjson is a convert csv to json and json to csv Affected versions of this package are vulnerable to Prototype Pollution via the toCsv function. An attacker can cause a denial of service by injecting properties into Object.prototype through a crafted payload. Details Prototype Pollution ...
GHSA-XQ4F-3JXP-QV6M csvjson vulnerable to prototype injection
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
csvjson vulnerable to prototype injection
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
CVE-2025-57318 affects the csvjson package (toCsv function) up to version 5.1.0. A crafted payload can pollute Object.prototype via unsafe merging/definition paths, enabling a denial of service (DoS) as the minimum impact. Remediation per multiple sources: upgrade to a version later than 5.1.0 or...
csvjson 安全漏洞
csvjson is a csv to json library by Pradeep Personal Developer. A security vulnerability exists in csvjson 5.1.0 and earlier versions, which stems from prototype contamination in the toCsv function, which allows an attacker to inject properties via a specially crafted payload, potentially resulti...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...
CVE-2025-57318
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum consequence...