Lucene search
K

4 matches found

NVD
NVD
added 2023/04/05 8:15 p.m.12 views

CVE-2023-0842

xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the proto property to be edited...

5.3CVSS5.4AI score0.01404EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/11/04 12:0 p.m.24 views

fastest-json-copy vulnerable to Prototype Pollution

fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the proto property to be edited...

5.3CVSS5.5AI score0.00615EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2022/11/03 12:0 a.m.5 views

fastest-json-copy 安全漏洞

fastest-json-copy is a library by Vadim Dalecky personal developer . It is used for JSON deep cloning implementations. A security vulnerability exists in fastest-json-copy version 1.0.1, which stems from an application not properly validating incoming JSON keys...

5.3CVSS5.7AI score0.00615EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/11/03 12:0 a.m.64 views

deep-object-diff 安全漏洞

deep-object-diff is a small library by Matt Phillips, a personal developer, that can deeply differentiate between two JavaScript objects, including arrays and nested structures of objects. A security vulnerability exists in deep-object-diff version 1.1.0 that stems from an application's inability...

5.3CVSS5.7AI score0.00643EPSS
Exploits1References4
Rows per page
Query Builder