Atlassian Jira Service Management Data Center and Server 10.3.x< 10.3.14 / 11.0.x < 11.3.0 (JSDSERVER-16470)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16470 advisory. - ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to...

Prototype Pollution zrender Dependency in Jira Service Management Data Center and Server

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability known as CVE-2022-39227 was introduced in 10.3.0, and 11.0.0 of Jira...

EUVD-2021-2053

Malware in sbrugna...

CVE-2021-39227

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using merge and clone helper methods in the src/core/util.ts module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports...

@cromwell/admin-panel (>=1.1.3 <=2.1.8), @cromwell/cms (>=1.1.7 <=2.1.12) +113 more potentially affected by CVE-2021-39227 via zrender (>=5.0.1 <=5.2.0)

zrender NPM version =5.0.1, =1.1.3, =1.1.7, =0.0.3-beta.7, =0.0.1, =0.0.1, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =0.0.1, =7.2.2, =1.0.0, =1.1.0 - @lingxiteam/pcfactory =0.2.0 and more Source cves: CVE-2021-39227 Source advisory: OSV:GHSA-FHV8-FX5F-7FXF...

GHSA-FHV8-FX5F-7FXF Prototype Pollution in the merge and clone helper methods

Impact Using merge and clone helper methods in the src/core/util.ts module will have prototype pollution. It will affect the popular data visualization library Apache ECharts, which is using and exported these two methods directly. Patches It has been patched in...

Prototype Pollution in the merge and clone helper methods

Impact Using merge and clone helper methods in the src/core/util.ts module will have prototype pollution. It will affect the popular data visualization library Apache ECharts, which is using and exported these two methods directly. Patches It has been patched in...

Prototype Pollution

zrender is vulnerable to prototype pollution. An attacker is able to inject malicious property using merge and clone helper methods in the src/core/util.ts causing prototype pollution via proto...

CVE-2021-39227

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using merge and clone helper methods in the src/core/util.ts module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports...

CVE-2021-39227

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using merge and clone helper methods in the src/core/util.ts module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports...

Design/Logic Flaw

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using merge and clone helper methods in the src/core/util.ts module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports...

CVE-2021-39227 Fix prototype pollution in the zrender merge and clone helper methods

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using merge and clone helper methods in the src/core/util.ts module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports...

CVE-2021-39227

CVE-2021-39227 affects ZRender prior to 5.2.1, enabling prototype pollution via the merge and clone helpers in src/core/util.ts. Apache ECharts uses and exports these methods, so the vulnerability can impact dependent code paths. The issue is patched in ZRender 5.2.1; a documented workaround is t...

ZRender 安全漏洞

ZRender is an open source, lightweight graphics library that provides 2d drawing for Apache charts. A security vulnerability exists in ZRender that arises from improper design or implementation during code development for a web-based system or product...

PT-2021-22477 · Apache · Apache Echarts

Name of the Vulnerable Software and Affected Versions: ZRender versions prior to 5.2.1 Apache ECharts versions prior to 5.2.1 Description: The issue results in prototype pollution when using merge and clone helper methods in the src/core/util.ts module. It affects Apache ECharts, which uses and...