Lucene search
K

48 matches found

Prion
Prion
added 2020/12/16 11:15 a.m.23 views

Design/Logic Flaw

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806...

7.5CVSS7.1AI score0.0367EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2020/12/16 10:35 a.m.112 views

CVE-2020-28458 Prototype Pollution

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806...

7.3CVSS7.4AI score0.0367EPSS
Exploits2References7
CVE
CVE
added 2020/12/16 10:35 a.m.287 views

CVE-2020-28458

CVE-2020-28458 affects datatables.net across all versions due to an incomplete fix enabling Prototype Pollution. Public references indicate a direct exploit surface (prototype pollution) via the datatables.net package, with exploit scripts available targeting vulnerable versions (e.g., datatables...

7.5CVSS7.3AI score0.0367EPSS
Exploits2References7Affected Software1
CNNVD
CNNVD
added 2020/12/16 12:0 a.m.6 views

Sprymedia Datatables Input Validation Error Vulnerability

Sprymedia Datatables is a Javascript-based plug-in from Sprymedia UK that supports efficient data presentation on Html pages. A security vulnerability exists in Sprymedia Datatables that stems from the fact that all versions of the package datatables.net are susceptible to prototype contamination...

7.5CVSS6.7AI score0.0367EPSS
Exploits2References12
Positive Technologies
Positive Technologies
added 2020/10/25 12:0 a.m.5 views

PT-2020-6496 · Unknown · Datatables.Net

Name of the Vulnerable Software and Affected Versions: datatables.net affected versions not specified Description: The issue is related to insufficient control of modification of dynamically defined object properties, which can be exploited by a remote attacker to execute arbitrary code or cause ...

7.5CVSS8.3AI score0.0367EPSS
Exploits2References20
Snyk
Snyk
added 2020/10/07 3:49 p.m.3 views

Prototype Pollution

Overview datatables.net is a DataTables for jQuery Affected versions of this package are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. Remediation Upgrade datatables.net to version 1.10.23 or higher. References - GitHub Additiona...

7.5CVSS5.1AI score0.0367EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2020/08/17 3:13 p.m.12 views

@coreui/coreui-datatables (=1.0.0), @daai/sb-decloud (>=1.0.0 <=1.0.11) +38 more potentially affected by unknown CVE via datatables.net (>=1.10.12 <=1.10.21)

datatables.net NPM version =1.10.12, =1.0.0, =1.0.0, =3.0.0, =1.1.1, =0.0.1, =1.0.2, =1.0.0, =1.0.0, =0.0.0, =0.1.56, =0.2.151 and more Source cves: unknown CVE Source advisory: SNYK:JS-DATATABLESNET-598806...

5.8AI score
Exploits0
Snyk
Snyk
added 2020/08/17 3:13 p.m.5 views

Prototype Pollution

Overview datatables.net is a DataTables for jQuery Affected versions of this package are vulnerable to Prototype Pollution. POC The following two files are required to be served by an HTTP server. poc.html: $.fn.dataTable.ext.internal.fnSetObjectDataFn'proto.foo','polluted'; document.write'foo : ...

5.6CVSS6.6AI score
Exploits0References2
Rows per page
Query Builder