2443 matches found
PT-2020-8914 · Pullit · Pullit
Name of the Vulnerable Software and Affected Versions: pullit versions prior to 1.4.0. Description: The issue allows OS command injection because eval is used on an attacker-supplied Git branch name. The package does not validate Git branch names and concatenates them into an exec call, ...
CVE-2020-15094
In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restoration of cached responses. The class was initially...
Sandbox Breakout / Arbitrary Code Execution in static-eval
Versions of static-eval prior to 2.0.2 pass untrusted user input directly to the global Function constructor, resulting in an arbitrary code execution vulnerability when user input is parsed via the package. Proof of concept: var evaluate = require('static-eval'); var parse = require('esprima').parse; ...
GHSA-X9HC-RW35-F44H Sandbox Breakout / Arbitrary Code Execution in static-eval
Versions of static-eval prior to 2.0.2 pass untrusted user input directly to the global Function constructor, resulting in an arbitrary code execution vulnerability when user input is parsed via the package. Proof of concept: var evaluate = require('static-eval'); var parse = require('esprima').parse; ...
PT-2020-14179 · Symfony · Symfony
Name of the Vulnerable Software and Affected Versions: Symfony versions prior to 4.4.13; Symfony versions prior to 5.1.5. Description: The CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval...
GHSA-CWCP-6C48-FM7M Unsafe eval() in summit allows arbitrary code execution
Affected versions of summit allow attackers to execute arbitrary commands via collection names when using the PouchDB driver. Recommendation: No direct patch is available at this time. Currently, the best option to mitigate the issue is to avoid using the PouchDB driver, as the package author has...
MGASA-2020-0352 Updated thunderbird packages fix security vulnerabilities
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
Mozilla: Attacker-induced prompt for extension installation
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
UBUNTU-CVE-2020-15664
By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...
GHSA-HRPQ-R399-WHGW Sandbox Breakout / Arbitrary Code Execution in safe-eval
All versions of safe-eval are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context through Error objects. This may allow attackers to execute arbitrary code in the system. Evaluating the payload (JavaScript): function ... var ex = new Error ...
@550w-tools/cli (>=0.0.14 <=0.0.16), @550w-tools/core (>=0.0.14 <=0.0.16) +538 more potentially affected by CVE-2020-7710 via safe-eval (>=0.2.0 <=0.4.1)
safe-eval NPM versions =0.2.0, =0.0.14, =0.0.14, =0.0.13, =0.0.14, =0.0.15, =1.0.1, =1.0.2, =1.0.3, =1.1.2, =0.1.16, =1.0.0, =0.3.0, =0.20.0, =2.0.295, =2.0.315 and more. Source CVEs: CVE-2020-7710. Source advisory: OSV:GHSA-HRPQ-R399-WHGW...
Sandbox Breakout / Arbitrary Code Execution in safe-eval
All versions of safe-eval are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context through Error objects. This may allow attackers to execute arbitrary code in the system. Evaluating the payload (JavaScript): function ... var ex = new Error ...
Remote Code Execution (RCE)
safe-eval is vulnerable to remote code execution (RCE). The application does not properly sanitize user input, allowing a malicious user to execute arbitrary commands...
CVE-2020-7710
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine...
CVE-2020-7710 Sandbox Escape
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine...
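The static-eval, summit and safe-eval entries above all describe the same class of bug: untrusted text reaches the Function constructor or eval, and once it does, the prototype chain of any ordinary value leads back to the host realm, so no "sandbox" built on top of eval can hold. The block below is an added example written by the editor; it is not code or the proof of concept from any of those packages. `unsafeEvaluate` shows the class of bug in its simplest form, and `tokenize`/`safeEvaluate` are the editor's allowlist alternative for numeric expressions, which never touches eval or Function. All names are the editor's.

```javascript
// Added example by the editor; none of this is code from static-eval, safe-eval
// or summit, and it is not their proof of concept. unsafeEvaluate shows the
// class of bug those advisories describe; safeEvaluate/tokenize are the
// editor's allowlist alternative for numeric expressions only.

// ANTI-PATTERN. Binding variables as parameters looks like scoping, but every
// value carries a path to the host realm: (1).constructor is Number, and
// Number.constructor is the real Function, so Function(src)() runs arbitrary
// code with full access to `process` and `require`.
function unsafeEvaluate(expr, vars = {}) {
  const names = Object.keys(vars);
  const fn = new Function(...names, 'return (' + expr + ');');
  return fn(...names.map((n) => vars[n]));
}

// Lexer for the allowlist evaluator: numbers, identifiers, arithmetic and
// comparison operators, parentheses. No '.', no quotes, no brackets, so member
// access, calls and string payloads cannot even be tokenized.
function tokenize(src) {
  const re = /\s*(?:(\d+(?:\.\d+)?)|([A-Za-z_]\w*)|(==|!=|<=|>=|[-+*\/%()<>]))\s*/y;
  const tokens = [];
  while (re.lastIndex < src.length) {
    const at = re.lastIndex;
    const m = re.exec(src);
    if (!m) throw new SyntaxError('unexpected input at offset ' + at);
    if (m[1] !== undefined) tokens.push({ type: 'num', value: Number(m[1]) });
    else if (m[2] !== undefined) tokens.push({ type: 'id', value: m[2] });
    else tokens.push({ type: 'op', value: m[3] });
  }
  return tokens;
}

// Recursive-descent evaluator over the token stream. Identifiers resolve only
// to own, numeric properties of `vars`, so `constructor`, `__proto__` and other
// inherited names are unreachable.
function safeEvaluate(expr, vars = {}) {
  const tokens = tokenize(expr);
  let pos = 0;
  const isOp = (...ops) =>
    pos < tokens.length && tokens[pos].type === 'op' && ops.includes(tokens[pos].value);
  const take = (expected) => {
    const t = tokens[pos];
    if (!t || (expected !== undefined && t.value !== expected)) {
      throw new SyntaxError('expected ' + (expected || 'a token') + ' at token ' + pos);
    }
    pos += 1;
    return t;
  };
  function primary() {
    const t = take();
    if (t.type === 'num') return t.value;
    if (t.type === 'id') {
      if (!Object.prototype.hasOwnProperty.call(vars, t.value)) {
        throw new ReferenceError('unknown identifier: ' + t.value);
      }
      if (typeof vars[t.value] !== 'number') throw new TypeError('not a number: ' + t.value);
      return vars[t.value];
    }
    if (t.value === '(') { const v = comparison(); take(')'); return v; }
    throw new SyntaxError('unexpected token ' + t.value);
  }
  function unary() {
    if (isOp('-')) { take(); return -unary(); }
    if (isOp('+')) { take(); return unary(); }
    return primary();
  }
  function term() {
    let v = unary();
    while (isOp('*', '/', '%')) {
      const op = take().value, r = unary();
      v = op === '*' ? v * r : op === '/' ? v / r : v % r;
    }
    return v;
  }
  function sum() {
    let v = term();
    while (isOp('+', '-')) { const op = take().value, r = term(); v = op === '+' ? v + r : v - r; }
    return v;
  }
  function comparison() {
    const l = sum();
    if (!isOp('<', '>', '<=', '>=', '==', '!=')) return l;
    const op = take().value, r = sum();
    switch (op) {
      case '<': return l < r; case '>': return l > r; case '<=': return l <= r;
      case '>=': return l >= r; case '==': return l === r; default: return l !== r;
    }
  }
  const result = comparison();
  if (pos !== tokens.length) throw new SyntaxError('unexpected trailing input');
  return result;
}
```

`unsafeEvaluate('(1).constructor.constructor("return typeof process")()')` returns `'object'` under Node: the expression never names `process`, yet reaches it through the constructor chain, which is why restricting the visible scope does not make eval safe. The same string fails in `safeEvaluate` at the lexer, on the first `.`, and a bare `constructor` or `__proto__` fails the own-property check. The evaluator is deliberately narrow (numbers only, one non-chained comparison); widening it means widening the allowlist, never falling back to eval.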