CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Veracode•added 2024/07/02 7:10 a.m.•17 views

Prototype Pollution

adolphdudu/ratio-swiper is vulnerable to Prototype Pollution. The vulnerability is due to by passing crafted arguments with the proto property using functions like extendDefaults and parse. The vulnerability allows attackers to alter the behavior of all objects inheriting from the affected...

6.5CVSS6.8AI score0.00521EPSS

Exploits1References2Affected Software1

Github Security Blog•added 2024/07/01 3:32 p.m.•12 views

adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults

adolphdudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function extendDefaults. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

6.5CVSS8.2AI score0.00462EPSS

Exploits1References3Affected Software1

OSV•added 2024/07/01 3:32 p.m.•9 views

GHSA-88VR-HJQX-57QH adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults

6.5CVSS6.9AI score0.00462EPSS

Exploits1References3

NVD•added 2024/07/01 1:15 p.m.•9 views

CVE-2024-39853

adolphdudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

6.5CVSS0.00521EPSS

Exploits1References1

NVD•added 2024/07/01 1:15 p.m.•13 views

CVE-2024-38997

6.5CVSS0.00462EPSS

Exploits1References1

NVD•added 2024/07/01 1:15 p.m.•9 views

CVE-2024-39000

adolphdudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

6.5CVSS0.00386EPSS

Exploits0References1

Cvelist•added 2024/07/01 12:0 a.m.•11 views

CVE-2024-39000

0.00386EPSS

Exploits0References1

Vulnrichment•added 2024/07/01 12:0 a.m.•11 views

CVE-2024-39000

8.2AI score0.00386EPSS

Exploits0References1

Vulnrichment•added 2024/07/01 12:0 a.m.•12 views

CVE-2024-38997

8.2AI score0.00462EPSS

Exploits1References1

CVE•added 2024/07/01 12:0 a.m.•45 views

CVE-2024-39000

Prototype pollution in adolph_dudu ratio-swiper v0.0.2 is caused by the parse function, enabling attackers to inject arbitrary properties that can lead to arbitrary code execution or DoS. Multiple sources (NVD, Red Hat, CNNVD, CVE/CVE-List, PT-Guard) confirm the issue and affected component. The ...

6.5CVSS8.3AI score0.00386EPSS

Exploits0References1Affected Software1

CVE•added 2024/07/01 12:0 a.m.•47 views

CVE-2024-39853

The CVE-2024-39853 entry concerns the ratio-swiper library by adolph_dudu, version 0.0.2. The root cause is a prototype pollution vulnerability in the parse function, which could enable an attacker to inject arbitrary properties into objects and potentially alter behavior of objects inheriting fr...

6.5CVSS8.3AI score0.00521EPSS

Exploits1References1Affected Software1

CVE•added 2024/07/01 12:0 a.m.•46 views

CVE-2024-38997

CVE-2024-38997 affects the adolph_dudu ratio-swiper package (v0.0.2). The issue is a prototype pollution vulnerability in the extendDefaults function, enabling attackers to inject arbitrary properties and potentially execute arbitrary code or trigger a Denial of Service (DoS). Public details cove...

6.5CVSS8.3AI score0.00462EPSS

Exploits1References1Affected Software1

Cvelist•added 2024/07/01 12:0 a.m.•10 views

CVE-2024-38997

0.00462EPSS

Exploits1References1

Cvelist•added 2024/07/01 12:0 a.m.•12 views

CVE-2024-39853

0.00521EPSS

Exploits1References1

Vulnrichment•added 2024/07/01 12:0 a.m.•13 views

CVE-2024-39853