26 matches found
Prototype Pollution
Overview graphql-upload-minimal is a Minimalistic and developer friendly middleware and an Upload scalar to add support for GraphQL multipart requests file uploads via queries and mutations to various Node.js GraphQL servers. Affected versions of this package are vulnerable to Prototype Pollution...
EUVD-2021-1145
Malware in sbrugna...
EUVD-2021-1150
Malware in sbrugna...
EUVD-2023-1129
Malicious code in bioql PyPI...
CVE-2023-1712
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...
GHSA-W7QG-J435-78QW Use of hard-coded, security-relevant constants in deepset-ai/haystack
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack in version 1.15.0 and prior. A patch is available at commit 5fc84904f198de661d5b933fde756aa922bf09f1...
Use of hard-coded, security-relevant constants in deepset-ai/haystack
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack in version 1.15.0 and prior. A patch is available at commit 5fc84904f198de661d5b933fde756aa922bf09f1...
CVE-2023-1712
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...
CVE-2023-1712
CVE-2023-1712 concerns the GitHub repository deepset-ai/haystack, prior to version 0.1.30, due to the use of hard-coded, security-relevant constants. Public documentation from multiple sources confirms the issue affects haystack versions before 0.1.30 (and related references mention version 1.15....
PT-2023-17189 · Deepset Ai · Haystack
Name of the Vulnerable Software and Affected Versions: deepset-ai/haystack versions prior to 0.1.30 deepset-ai/haystack version 1.15.0 and prior Description: The issue is related to the use of hard-coded, security-relevant constants in the GitHub repository deepset-ai/haystack. A patch is availab...
CVE-2023-1712 Use of Hard-coded, Security-relevant Constants in deepset-ai/haystack
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...
CVE-2023-1712 Use of Hard-coded, Security-relevant Constants in deepset-ai/haystack
Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30...
GHSA-P6JH-P7Q8-PCRG Prototype Pollution in nodee-utils
All versions of package nodee-utils below version 1.2.3 are vulnerable to Prototype Pollution via the deepSet function...
Prototype Pollution in nodee-utils
All versions of package nodee-utils below version 1.2.3 are vulnerable to Prototype Pollution via the deepSet function...
Prototype Pollution in gammautils
All versions of package gammautils up to and including version 0.0.81 are vulnerable to Prototype Pollution via the deepSet and deepMerge functions...
GHSA-PGMG-GF5P-54J8 Prototype Pollution in gammautils
All versions of package gammautils up to and including version 0.0.81 are vulnerable to Prototype Pollution via the deepSet and deepMerge functions...
Prototype Pollution
nodee-utils is vulnerable to prototype pollution. The vulnerability exists as it does not restrict the proto header to be set through the deepSet function...
Prototype Pollution
gammautils is vulnerable to prototype pollution. The vulnerability exists as it does not restrict the proto header to be set through the deepSet and deepMerge functions...
CVE-2020-7722
All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function...
CVE-2020-7718
All versions of package gammautils are vulnerable to Prototype Pollution via the deepSet and deepMerge functions...