9 matches found
Insufficient Verification of Data Authenticity
Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to unbounded processing of responses in the ForwardAuth middleware due to the lack of restrictions for maxResponseBodySize configuration. An attacker can cause resource exhaustion...
CVE-2026-2964
A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipulation leads to improperly controlled modification of object prototype attributes. It is possible t...
CVE-2026-2964
A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipulation leads to improperly controlled modification of object prototype attributes. It is possible t...
CVE-2026-2964
A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipulation leads to improperly controlled modification of object prototype attributes. It is possible t...
CVE-2026-2964 higuma web-audio-recorder-js Dynamic Config Handling WebAudioRecorder.js extend prototype pollution
A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipulation leads to improperly controlled modification of object prototype attributes. It is possible t...
CVE-2026-2964 higuma web-audio-recorder-js Dynamic Config Handling WebAudioRecorder.js extend prototype pollution
A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipulation leads to improperly controlled modification of object prototype attributes. It is possible t...
WebAudioRecorder.js 安全漏洞
WebAudioRecorder.js is a JavaScript library developed by Yuji Miyane. Versions 0.1 and 0.1.1 of WebAudioRecorder.js contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the extend function in the Dynamic Config Handling component’s lib/WebAudioRecorder.js...
PT-2026-21488
Name of the Vulnerable Software and Affected Versions higuma web-audio-recorder-js versions 0.1 and 0.1.1 Description A flaw exists in the extend function within the lib/WebAudioRecorder.js library, specifically in the Dynamic Config Handling component. This allows for improper modification of...