Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2021/05/18 1:57 a.m.5 views

2bsafe-api (>=1.0.1 <=1.0.2), 3architecture (>=1.0.0 <=1.7.0) +2318 more potentially affected by CVE-2020-7765 via @firebase/util (>=0.1.10-canary.a1020bf <=0.3.4-2020103231751)

@firebase/util NPM version =0.1.10-canary.a1020bf, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.1, =1.0.24, =0.65.0, =0.53.0, =0.50.0, =0.0.2, =0.0.1, =1.1.6, =1.3.1 and more Source cves: CVE-2020-7765 Source advisory: OSV:GHSA-FPM5-VV97-JFWG...

5.6CVSS6AI score0.00562EPSS
Exploits1
OSV
OSV
added 2020/11/16 12:15 p.m.17 views

CVE-2020-7765

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

5.3CVSS6.6AI score
Exploits0References3
Cvelist
Cvelist
added 2020/11/16 12:0 p.m.26 views

CVE-2020-7765 Prototype Pollution

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

5.6CVSS5.4AI score0.00562EPSS
Exploits1References3
CVE
CVE
added 2020/11/16 12:0 p.m.80 views

CVE-2020-7765

Summary: The vulnerability affects the package @firebase/util prior to 0.3.4. It stems from the DeepCopy.ts file’s deepExtend function, where unsanitized user input can overwrite and pollute a program’s Object.prototype (prototype pollution). Impact: Contamination of prototypes and potential down...

5.6CVSS5.1AI score0.00562EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2020/10/27 1:1 p.m.7 views

2bsafe-api (>=1.0.1 <=1.0.2), 3architecture (>=1.0.0 <=1.7.0) +2318 more potentially affected by CVE-2020-7765 via @firebase/util (>=0.1.10-canary.a1020bf <=0.3.4-2020103231751)

@firebase/util NPM version =0.1.10-canary.a1020bf, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.1, =1.0.24, =0.65.0, =0.53.0, =0.50.0, =0.0.2, =0.0.1, =1.1.6, =1.3.1 and more Source cves: CVE-2020-7765 Source advisory: SNYK:JS-FIREBASEUTIL-1038324...

5.6CVSS6AI score0.00562EPSS
Exploits1
Rows per page
Query Builder