PT-2020-6438 · Telegram +2 · Telegram Macos +4

Name of the Vulnerable Software and Affected Versions: Telegram Android versions 7.0 through 7.0 2090 Telegram iOS versions prior to 7.1 Telegram macOS versions prior to 7.1 Description: The issue is related to type confusion errors in the VDasher constructor of the custom rlottie library used fo...

DEBIAN-CVE-2020-25791

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit...

jenkins-script-security-plugin: sandbox protection bypass via crafted constructor calls and crafted constructor bodies

Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies...

PT-2020-16213

Name of the Vulnerable Software and Affected Versions sized-chunks crate versions through 0.6.2 Description The issue concerns memory safety in the sized-chunks crate for Rust. Specifically, in the Chunk implementation, the array size is not checked when constructed with From, unit, or pair...

Command Injection in marsdb

All versions of marsdb are vulnerable to Command Injection. In the DocumentMatcher class, selectors on $where clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. Recommendation No fix is currently...

GHSA-5MRR-RGP6-X4GR Command Injection in marsdb

All versions of marsdb are vulnerable to Command Injection. In the DocumentMatcher class, selectors on $where clauses are passed to a Function constructor unsanitized. This allows attackers to run arbitrary commands in the system when the function is executed. Recommendation No fix is currently...

GHSA-7R5F-7QR4-PF6Q Sandbox Breakout / Arbitrary Code Execution in notevil

Versions of notevil prior to 1.3.2 are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to prevent access to the Function constructor by not checking the return values of function calls. This allows attackers to access the Function prototype's constructor leading t...

Sandbox Breakout / Arbitrary Code Execution in notevil

Versions of notevil prior to 1.3.2 are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to prevent access to the Function constructor by not checking the return values of function calls. This allows attackers to access the Function prototype's constructor leading t...

GHSA-C7PP-G2V2-2766 DOM-based XSS in gmail-js

Affected versions of gmail-js are vulnerable to cross-site scripting in the tools.parseresponse, helper.get.visibleemailspost, and helper.get.emaildatapost functions, which pass user input directly into the Function constructor. Recommendation Update to version 0.6.5 or later...

DOM-based XSS in gmail-js

Affected versions of gmail-js are vulnerable to cross-site scripting in the tools.parseresponse, helper.get.visibleemailspost, and helper.get.emaildatapost functions, which pass user input directly into the Function constructor. Recommendation Update to version 0.6.5 or later...

CVE-2020-7713 Prototype Pollution

All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor...

CVE-2020-7713

CVE-2020-7713 affects the npm package arr-flatten-unflatten . All versions up to and including 1.1.4 are vulnerable to prototype pollution via the constructor . Public advisories (GHSA, OSV, Snyk, Veracode) confirm the issue and provide a PoC demonstrating pollution of Object.prototype. There is ...

PT-2020-19735 · Npm · Arr-Flatten-Unflatten

Name of the Vulnerable Software and Affected Versions: arr-flatten-unflatten versions up to and including 1.1.4 Description: The issue concerns Prototype Pollution via the constructor. This means that an attacker could potentially manipulate the prototype of an object, leading to unintended...

Arbitrary Code Execution

Overview sandbox is a nifty javascript sandbox for node.js. Affected versions of this package are vulnerable to Arbitrary Code Execution through this.constructor.constructor. An attacker can execute arbitrary code in the system by evaluating payloads that have access to the main context, such as...

Huawei EulerOS: Security Advisory for PyYAML (EulerOS-SA-2020-1912)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Prototype Pollution

nis-utils is vulnerable to prototype pollution. The vulnerability exists as it allows the proto header to be set in the constructor...

Prototype Pollution

linux-cmdline is vulnerable to prototype pollution. The vulnerability exists as it was possible to include the proto header in the constructor...

CVE-2020-7704 Prototype Pollution

The package linux-cmdline before 1.0.1 are vulnerable to Prototype Pollution via the constructor...

Validation Bypass

jpv is vulnerable to validation bypass. The vulnerability exists as it does not properly validate if the constructor of the data matches...

Prototype Pollution

flat is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...