Lucene search
K

5 matches found

Circl
Circl
added 2024/08/16 5:21 a.m.8 views

CVE-2024-43370

creationtimestamp| type| source ---|---|--- 2024-08-16 05:21:42+00:00| seen| https://t.me/cvedetector/3315...

7.2CVSS4.8AI score0.0038EPSS
Exploits0References1
NVD
NVD
added 2024/08/16 2:15 a.m.38 views

CVE-2024-43370

gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this...

7.2CVSS0.0038EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/15 11:44 p.m.50 views

CVE-2024-43370 gettext.js vulnerable to cross-site scripting (XSS)

gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this...

7.2CVSS0.0038EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/08/15 11:44 p.m.21 views

CVE-2024-43370

gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this...

7.2CVSS4.9AI score0.0038EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/08/15 6:6 p.m.8 views

@superdesk/build-tools (>=1.0.0 <=2.0.1), @ucp-npm/components (>=0.0.4-beta <=0.0.19-beta) +5 more potentially affected by CVE-2024-43370 via gettext.js (>=0.5.5 <=1.2.0)

gettext.js NPM version =0.5.5, =1.0.0, =0.0.4-beta, =1.0.0, =1.0.1, =1.0.0, =0.0.6, =0.0.12 - gettext.js-po-loader =0.0.2 Source cves: CVE-2024-43370 Source advisory: OSV:GHSA-VWHG-JWR4-VXGG...

7.2CVSS5.8AI score0.0038EPSS
Exploits0
Rows per page
Query Builder