Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:26 a.m.8 views

CVE-2019-10790

taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. taffy sets an internal index for each data item in its DB. However, it is found...

7.5CVSS6.7AI score0.01877EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2020/02/19 4:43 p.m.5 views

@angstone/micro (=0.0.1), @angstone/microservice (=0.0.17) +4 more potentially affected by CVE-2019-10790 via taffy (=2.6.2)

taffy NPM version =2.6.2 is affected by a known vulnerability. The following packages have a transitive dependency on taffy and may be impacted: - @angstone/micro =0.0.1 - @angstone/microservice =0.0.17 - anrajs =1.0.0, =0.0.1, =0.0.7, =1.0.6 - neyka =3.0.0 Source cves: CVE-2019-10790 Source...

7.5CVSS7.1AI score0.01877EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2020/02/19 4:43 p.m.4 views

08cms (=1.0.0), 102f (>=1.0.0 <=1.0.1) +2206 more potentially affected by CVE-2019-10790 via taffydb (>=2.6.2 <=2.7.3)

taffydb NPM version =2.6.2, =1.0.0, =0.0.5, =1.0.0, =1.0.1-beta2, =1.0.40, =2.0.0, =1.6.0, =1.0.0, =1.0.1, =0.3.0, =1.0.2, =0.1.2, =0.2.0 - @adrian-alu0101024363/spread =0.1.3 and more Source cves: CVE-2019-10790 Source advisory: OSV:GHSA-MXHP-79QH-MCX6...

7.5CVSS7AI score0.01877EPSS
Exploits1
OSV
OSV
added 2020/02/17 8:15 p.m.20 views

CVE-2019-10790

taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. taffy sets an internal index for each data item in its DB. However, it is found...

7.5CVSS7.5AI score0.01877EPSS
Exploits1References2
Wolfi
Wolfi
added 2020/02/17 8:15 p.m.23 views

CVE-2019-10790 vulnerabilities

Vulnerabilities for packages: kubeflow-centraldashboard...

7.5CVSS7.5AI score0.01877EPSS
Exploits1
CVE
CVE
added 2020/02/17 12:0 a.m.110 views

CVE-2019-10790

CVE-2019-10790 concerns the taffydb package (taffydb/taffydb.html) where versions up to 2.7.3 are affected. The issue, as described across multiple sources in the connected documents, is that an attacker can forge the internal index used per data item by injecting extra properties into user input. I...

7.5CVSS7.3AI score0.01877EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2020/02/05 4:4 p.m.3 views

08cms (=1.0.0), 102f (>=1.0.0 <=1.0.1) +2206 more potentially affected by CVE-2019-10790 via taffydb (>=2.6.2 <=2.7.3)

taffydb NPM version =2.6.2, =1.0.0, =0.0.5, =1.0.0, =1.0.1-beta2, =1.0.40, =2.0.0, =1.6.0, =1.0.0, =1.0.1, =0.3.0, =1.0.2, =0.1.2, =0.2.0 - @adrian-alu0101024363/spread =0.1.3 and more Source cves: CVE-2019-10790 Source advisory: SNYK:JS-TAFFYDB-2992450...

7.5CVSS7AI score0.01877EPSS
Exploits1
Rows per page
Query Builder