Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2021/05/10 7:7 p.m.6 views

@gearedminds/tsed-api-support (=2.0.0), @kabuce/api (=0.0.1-alpha.42) +20 more potentially affected by CVE-2020-7748 via @tsed/core (>=4.0.0 <=5.65.6)

@tsed/core NPM version =4.0.0, =5.0.4, =5.0.4, =5.0.4, =5.34.2, =5.60.0, =5.0.4, =5.0.4, =5.34.2, =5.45.0, =5.60.0, =5.34.2, =5.0.4, =5.0.4, =5.47.0 and more Source cves: CVE-2020-7748 Source advisory: OSV:GHSA-77XQ-CPVG-7XM2...

8.1CVSS7.2AI score0.017EPSS
Exploits1
OSV
OSV
added 2020/10/20 11:15 a.m.15 views

CVE-2020-7748

This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

8.1CVSS6.8AI score
Exploits0References3
Cvelist
Cvelist
added 2020/10/20 10:25 a.m.22 views

CVE-2020-7748 Prototype Pollution

This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

5.6CVSS8AI score0.017EPSS
Exploits1References3
CVE
CVE
added 2020/10/20 10:25 a.m.56 views

CVE-2020-7748

The CVE-2020-7748 entry affects the @tsed/core package (versions prior to 5.65.7) and is due to the deepExtend utility in the utils directory. The vulnerability enables prototype pollution when user input is supplied, allowing an attacker to overwrite properties on Object.prototype, with potentia...

8.1CVSS6.5AI score0.017EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder