Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:26 a.m.8 views

CVE-2019-19507

In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...

5.3CVSS6.6AI score0.00974EPSS
Exploits1References1
NVD
NVD
added 2019/12/02 5:15 p.m.24 views

CVE-2019-19507

In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...

5.3CVSS5.1AI score0.00974EPSS
Exploits1References2
OSV
OSV
added 2019/12/02 5:15 p.m.8 views

CVE-2019-19507

In jpv aka Json Pattern Validator before 2.1.1, compareCommon can be bypassed because certain internal attributes can be overwritten via a conflicting name, as demonstrated by 'constructor': 'name':'Array'. This affects validate. Hence, a crafted payload can overwrite this builtin attribute to...

5.3CVSS6AI score0.00974EPSS
Exploits1References2
CVE
CVE
added 2019/12/02 4:17 p.m.58 views

CVE-2019-19507

CVE-2019-19507 affects jpv (Json Pattern Validator) prior to version 2.1.1. The vulnerability arises in compareCommon(), where internal attributes can be overwritten via a conflicting property name (e.g., constructor: { name: 'Array' }), allowing an attacker to bypass validation logic and manipul...

5.3CVSS5AI score0.00974EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder