Lucene search
K

5 matches found

OSV
OSV
added 2022/06/18 12:0 a.m.4 views

GHSA-P23C-P8W2-WW5V Prototype Pollution in querymen

All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handlertype, name, fn can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of CVE-2020-7600...

5.9CVSS5.9AI score0.011EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/11 12:0 a.m.28 views

CentOS: Security Advisory for firefox (CESA-2021:5014)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7.2AI score0.0202EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/12/08 10:16 a.m.4 views

Mozilla: External protocol handler parameters were unescaped

When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS7.3AI score0.01576EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/12/08 10:13 a.m.3 views

Mozilla: External protocol handler parameters were unescaped

When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS7.3AI score0.01576EPSS
Exploits0References4
Snyk
Snyk
added 2020/03/12 5:26 p.m.4 views

Prototype Pollution

Overview querymen is a Querystring parser middleware for MongoDB, Express and Nodejs. Affected versions of this package are vulnerable to Prototype Pollution. The parameters of exported function handlertype, name, fn can be controlled by users without any sanitization. This could be abused for...

5.9CVSS6.7AI score0.01127EPSS
Exploits1References2
Rows per page
Query Builder