Lucene search
+L

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-23518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the...

9.8CVSS7AI score0.01943EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/12/05 12:0 a.m.22 views

Debian: Security Advisory (DLA-3221-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.02141EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/12/05 12:0 a.m.30 views

Debian dla-3221 : node-cached-path-relative - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3221 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3221-1 [email protected]...

9.8CVSS6.8AI score0.02141EPSS
Exploits1References6
Debian
Debian
added 2022/12/04 11:52 p.m.80 views

[SECURITY] [DLA 3221-1] node-cached-path-relative security update

Debian LTS Advisory DLA-3221-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 05, 2022 https://wiki.debian.org/LTS Package : node-cached-path-relative Version : 1.0.1-2+deb10u1 CVE ID : CVE-2018-16472 CVE-2021-23518 Debian Bug : 1004338 Cristian-Alexandru...

9.8CVSS6.7AI score0.02141EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/27 2:27 p.m.5 views

@stackstorm/st2-build (>=2.3.1 <=2.4.3), ccxt-without-theocean (=1.18.151) +3 more potentially affected by CVE-2021-23518 via cached-path-relative (=1.0.2)

cached-path-relative NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on cached-path-relative and may be impacted: - @stackstorm/st2-build =2.3.1, =1.0.0, =1.18.173, =1.18.242 Source cves: CVE-2021-23518 Source advisory:...

9.8CVSS7.2AI score0.01943EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2022/01/24 10:35 p.m.33 views

CVE-2021-23518

A prototype pollution vulnerability was discovered in cached-path-relative. This flaw allows a remote, unauthenticated attacker to inject a cache variable to leak sensitive information...

9.8CVSS4.2AI score0.01943EPSS
Exploits1References3
NVD
NVD
added 2022/01/21 8:15 p.m.32 views

CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

9.8CVSS0.01943EPSS
Exploits1References4
OSV
OSV
added 2022/01/21 8:15 p.m.21 views

CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

9.8CVSS9.4AI score
Exploits0References4
CVE
CVE
added 2022/01/21 8:5 p.m.158 views

CVE-2021-23518

CVE-2021-23518 affects cached-path-relative (before 1.1.0). The root cause is prototype pollution: the cache variable is created as {} instead of Object.create(null) in the cachedPathRelative function, allowing access to parent prototype properties when building the cached relative path. When ori...

9.8CVSS8.2AI score0.01943EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/01/21 8:5 p.m.41 views

CVE-2021-23518 Prototype Pollution

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

7.3CVSS9.6AI score0.01943EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2022/01/21 8:5 p.m.37 views

CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

9.8CVSS9.2AI score0.01943EPSS
Exploits1
Rows per page
Query Builder