187 matches found

Huntr
added 2021/03/26 3:36 p.m. · 80 views

Prototype Pollution in silentmatt/expr-eval

✍️ Description With specific input attackers can define properties on prototype, which will lead to prototype pollution. Need node version=12.0.0, which introduce Object.fromEntries 🕵️‍♂️ Proof of Concept // PoC.js const Parser = require('expr-eval'); const o = ; console.log("o.a=", o.a); // o.a=...

2.9 AI score
Exploits: 0
Veracode
added 2020/08/19 3:55 a.m. · 18 views

Prototype Pollution

property-expr is vulnerable to prototype pollution. An attacker is able to add and modify properties of Object.prototype using a __proto__ payload...

9.8 CVSS · 3.2 AI score · 0.02086 EPSS
Exploits: 1 · References: 4 · Affected Software: 1
CVE
added 2020/08/18 1:40 p.m. · 64 views

CVE-2020-7707

CVE-2020-7707 affects the Node.js property-expr module (versions before 2.0.3). Root cause is a prototype pollution flaw in the setter function, enabling remote attackers to execute arbitrary code. Affected: property-expr

9.8 CVSS · 9.4 AI score · 0.02086 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
Positive Technologies
added 2020/08/18 12:00 a.m. · 3 views

PT-2020-6067 · Unknown · Property-Expr

Name of the Vulnerable Software and Affected Versions: property-expr versions prior to 2.0.3 Description: The issue is related to Prototype Pollution via the setter function. It may allow a remote attacker to perform a prototype pollution attack by exploiting uncontrolled modification of object...

9.8 CVSS · 9.3 AI score · 0.02086 EPSS
Exploits: 1 · References: 7
Hacker One
added 2020/06/28 9:57 a.m. · 16 views

Node.js third-party modules: property-expr - Prototype pollution

I would like to report Prototype pollution in property-expr. It allows an attacker to modify the prototype of a base object. Module module name: property-expr version: 2.0.2 npm page: https://www.npmjs.com/package/property-expr Module Description Tiny property path utilities, including path parsing a...

1 AI score
Exploits: 0
ossfuzz
added 2020/01/21 12:48 a.m. · 14 views

llvm:clang-objc-fuzzer: Segv on unknown address in clang::Expr::EvaluateKnownConstInt

Detailed Report: https://oss-fuzz.com/testcase?key=5105673205710848 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-objc-fuzzer Job Type: libfuzzer_msan_llvm Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: clang::Expr::EvaluateKnownConstInt...

6.9 AI score
Exploits: 0 · Affected Software: 1
CNVD
added 2020/01/07 12:00 a.m. · 2 views

Netwide Assembler Buffer Overflow Vulnerability (CNVD-2020-02979)

Netwide Assembler (NASM) is a Linux-based assembler. The product is capable of creating binaries and writing bootloaders. A buffer overflow vulnerability exists in the expr function of the asm/eval.c file in version 2.14.02 of Netwide Assembler (NASM). The vulnerability stems from a networked system ...

5.5 CVSS · 7.3 AI score · 0.0023 EPSS
Exploits: 1 · References: 1
NVD
added 2020/01/04 7:15 a.m. · 13 views

CVE-2019-20334

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

5.5 CVSS · 5.2 AI score · 0.0023 EPSS
Exploits: 1 · References: 2
OSV
added 2020/01/04 7:15 a.m. · 20 views

CVE-2019-20334

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

5.5 CVSS · 6.6 AI score
Exploits: 0 · References: 2
Prion
added 2020/01/04 7:15 a.m. · 22 views

Stack overflow

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

4.3 CVSS · 5.2 AI score · 0.00374 EPSS
Exploits: 3 · References: 2 · Affected Software: 1
UbuntuCve
added 2020/01/04 7:15 a.m. · 21 views

CVE-2019-20334

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

5.5 CVSS · 6.8 AI score · 0.0023 EPSS
Exploits: 1 · References: 3
Debian CVE
added 2020/01/04 6:43 a.m. · 23 views

CVE-2019-20334

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

5.5 CVSS · 5.7 AI score · 0.0023 EPSS
Exploits: 1
CVE
added 2020/01/04 6:43 a.m. · 200 views

CVE-2019-20334

CVE-2019-20334 affects NASM 2.14.02 with stack consumption in the eval code paths (asm/eval.c) specifically in the expr# functions (expr, rexp, bexpr, cexpr) and related relationships to expr0–expr6 (and stdscan in asm/stdscan.c). The Microsoft/MSRC entry describes a stack-exhaustion DoS caused b...

5.5 CVSS · 5.2 AI score · 0.0023 EPSS
Exploits: 1 · References: 2 · Affected Software: 1
Cvelist
added 2020/01/04 6:43 a.m. · 31 views

CVE-2019-20334

In Netwide Assembler NASM 2.14.02, stack consumption occurs in expr functions in asm/eval.c. This potentially affects the relationships among expr0, expr1, expr2, expr3, expr4, expr5, and expr6 and stdscan in asm/stdscan.c. This is similar to CVE-2019-6290 and CVE-2019-6291...

5.2 AI score · 0.0023 EPSS
Exploits: 2 · References: 2
Positive Technologies
added 2019/12/13 12:00 a.m. · 2 views

PT-2019-15957 · Atasm · Atasm

Name of the Vulnerable Software and Affected Versions: ATasm version 1.06 Description: The issue is a stack-based buffer overflow in the parse_expr function, located in setparse.c, which can be triggered by a crafted .m65 file. Recommendations: For ATasm version 1.06, as a temporary workaround,...

7.8 CVSS · 7.5 AI score · 0.00353 EPSS
Exploits: 1 · References: 7
OSV
added 2019/11/27 5:15 p.m. · 1 views

DEBIAN-CVE-2019-19242

SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c...

5.9 CVSS · 6.8 AI score · 0.002 EPSS
Exploits: 0 · References: 1
RedHat Linux
added 2019/08/06 2:12 p.m. · 3 views

libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash

Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers...

5.5 CVSS · 7.3 AI score · 0.00044 EPSS
Exploits: 0 · References: 4
AlpineLinux
added 2018/08/25 9:00 p.m. · 1 views

CVE-2018-15861

Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure...

5.5 CVSS · 6 AI score · 0.0007 EPSS
Exploits: 0
OSV
added 2018/08/25 12:00 a.m. · 0 views

UBUNTU-CVE-2018-15861

Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure...

5.5 CVSS · 6.7 AI score · 0.0007 EPSS
Exploits: 0 · References: 5
CNVD
added 2017/05/22 12:00 a.m. · 1 views

libdwarf heap buffer overflow vulnerability (CNVD-2017-07537)

libdwarf is a set of tools for reading and writing DWARF2 debugging information. A heap buffer overflow vulnerability exists in the '_dwarf_read_loc_expr_op' function in libdwarf version 2017-03-21. An attacker can exploit this vulnerability to cause an out-of-bounds heap buffer read...

9.1 CVSS · 7.2 AI score · 0.00431 EPSS
Exploits: 0 · References: 1