7 matches found
Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.1.6 security and bug fix updates
Red Hat Advanced Cluster Management for Kubernetes 2.1.6 General Availability release images, which fix several bugs and security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...
Prototype Pollution
Overview In mquery before version 3.2.3 there is a prototype pollution vulnerability because a special property e.g., proto can be copied during a merge or clone operation. Recommendation Upgrade to version 3.2.3 or later References - CVE - GitHub Advisory...
3nit-utils (>=0.24.0 <=1.0.2), @36node/template-service (=0.3.5) +576 more potentially affected by CVE-2020-35149 via mquery (>=3.0.0-rc0 <=3.2.2)
mquery NPM version =3.0.0-rc0, =0.24.0, =0.2.0, =3.7.0, =0.1.17, =1.0.0, =0.0.1, =0.0.2, =5.9.7, =0.7.0, =1.0.33, =2.1.3 and more Source cves: CVE-2020-35149 Source advisory: SNYK:JS-MQUERY-1050858...
CVE-2020-35149
creationtimestamp| type| source ---|---|--- 2020-12-11 22:38:51+00:00| seen| https://t.me/cibsecurity/20478 2020-12-11 22:54:26+00:00| seen| https://t.me/cibsecurity/20497 2020-12-11 23:25:20+00:00| seen| https://t.me/cibsecurity/20517 2020-12-12 00:25:20+00:00| seen| https://t.me/cibsecurity/205...
CVE-2020-35149
lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property e.g., proto can be copied during a merge or clone operation...
CVE-2020-35149
lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property e.g., proto can be copied during a merge or clone operation...
CVE-2020-35149
CVE-2020-35149 affects mquery before 3.2.3 via prototype pollution in lib/utils.js, where a special property (e.g., proto ) can be copied during merge or clone, altering object prototypes. Exploitation is described across sources (NVD, Red Hat advisory, Snyk) as a prototype pollution risk that ca...