Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2021/05/18 1:57 a.m.5 views

2bsafe-api (>=1.0.1 <=1.0.2), 3architecture (>=1.0.0 <=1.7.0) +2318 more potentially affected by CVE-2020-7765 via @firebase/util (>=0.1.10-canary.a1020bf <=0.3.4-2020103231751)

@firebase/util NPM version =0.1.10-canary.a1020bf, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.1, =1.0.24, =0.65.0, =0.53.0, =0.50.0, =0.0.2, =0.0.1, =1.1.6, =1.3.1 and more Source cves: CVE-2020-7765 Source advisory: OSV:GHSA-FPM5-VV97-JFWG...

5.6CVSS6AI score0.00562EPSS
Exploits1
OSV
OSV
added 2021/05/18 1:57 a.m.19 views

GHSA-FPM5-VV97-JFWG Uncontrolled Resource Consumption in firebase

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

5.3CVSS5.2AI score0.00562EPSS
Exploits1References4
CNVD
CNVD
added 2020/11/17 12:0 a.m.17 views

Google Firebase Js Sdk prototype contamination vulnerability

Google Firebase Js Sdk is a client-side code base for connecting to the Firebase backend service from Google. firebase/util versions prior to 0.3.4 contain a prototype contamination vulnerability that originates from the deepExtend function in DeepCopy.ts. An attacker could exploit this...

5.6CVSS3.8AI score0.00562EPSS
Exploits1References1
OSV
OSV
added 2020/11/16 12:15 p.m.17 views

CVE-2020-7765

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

5.3CVSS6.6AI score
Exploits0References3
NVD
NVD
added 2020/11/16 12:15 p.m.12 views

CVE-2020-7765

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

5.6CVSS5.4AI score0.00562EPSS
Exploits1References3
Cvelist
Cvelist
added 2020/11/16 12:0 p.m.25 views

CVE-2020-7765 Prototype Pollution

This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

5.6CVSS5.4AI score0.00562EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2020/10/27 1:1 p.m.7 views

2bsafe-api (>=1.0.1 <=1.0.2), 3architecture (>=1.0.0 <=1.7.0) +2318 more potentially affected by CVE-2020-7765 via @firebase/util (>=0.1.10-canary.a1020bf <=0.3.4-2020103231751)

@firebase/util NPM version =0.1.10-canary.a1020bf, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.1, =1.0.24, =0.65.0, =0.53.0, =0.50.0, =0.0.2, =0.0.1, =1.1.6, =1.3.1 and more Source cves: CVE-2020-7765 Source advisory: SNYK:JS-FIREBASEUTIL-1038324...

5.6CVSS6AI score0.00562EPSS
Exploits1
Snyk
Snyk
added 2020/10/27 1:1 p.m.2 views

Prototype Pollution

Overview @firebase/util is a wrapper of some Webchannel Features for the Firebase JS SDK. Affected versions of this package are vulnerable to Prototype Pollution. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker...

5.6CVSS6.5AI score0.00562EPSS
Exploits1References2
Rows per page
Query Builder