Lucene search
K

7 matches found

Node.js
Node.js
added 2021/05/10 6:40 p.m.52 views

Prototype Pollution

Overview mathjs before version 7.5.1 is vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates. Recommendation Upgrade to version 7.5.1 or later References - CVE - GitHub Advisory...

7.5CVSS4.6AI score0.03924EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/10 6:39 p.m.8 views

2d-topopt (=0.1.0), 2d-transformation-solver (>=0.1.1 <=0.2.0) +2968 more potentially affected by CVE-2020-7743 via mathjs (>=0.10.0 <=7.5.0)

mathjs NPM version =0.10.0, =0.1.1, =1.0.0, =0.0.1, =0.0.2, =3.1.3, =2.6.0, =0.9.0, =1.0.0, =1.0.0, =1.0.1 - @abcaustralia/campaign-health-quiz =1.1.1 - @abear/hnode-tools =0.0.1 and more Source cves: CVE-2020-7743 Source advisory: OSV:GHSA-X2FC-MXCX-W4MF...

7.5CVSS7AI score0.03924EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/11/30 2:12 p.m.77 views

Moderate: Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container

Red Hat Ansible Tower 3.7.4-1 - RHEL7 Container Fixed two jQuery vulnerabilities CVE-2020-11022, CVE-2020-11023 Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTPs requests by default Updated several dependencies of Ansible Tower's User Interface to...

9.8CVSS6.8AI score0.99019EPSS
Exploits13References3
RedhatCVE
RedhatCVE
added 2020/10/13 8:20 p.m.45 views

CVE-2020-7743

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...

7.5CVSS3.5AI score0.03924EPSS
Exploits1References3
CVE
CVE
added 2020/10/13 9:15 a.m.98 views

CVE-2020-7743

The vulnerability described in CVE-2020-7743 affects the mathjs package prior to version 7.5.1, enabling Prototype Pollution via the deepExtend function during configuration updates. This is a general software vulnerability in mathjs, with no explicit exploit details provided in the connected doc...

7.5CVSS7.1AI score0.03924EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2020/10/13 9:15 a.m.41 views

CVE-2020-7743 Prototype Pollution

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...

7.3CVSS7.1AI score0.03924EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2020/10/07 3:29 p.m.14 views

@baic/yolk (>=1.0.0-alpha.2 <=1.0.0-alpha.43), @baic/yolk-miniapp (>=1.0.0-alpha.1 <=1.0.0-alpha.43) +4 more potentially affected by CVE-2020-7743 via mathjs (>=7.1.0 <=7.5.0)

mathjs NPM version =7.1.0, =1.0.0-alpha.2, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.3, =2.0.12, =2.2.25 Source cves: CVE-2020-7743 Source advisory: SNYK:JS-MATHJS-1016401...

7.5CVSS7.1AI score0.03924EPSS
Exploits1
Rows per page
Query Builder