Exposure of Resource to Wrong Sphere in valib

valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...

CVE-2019-10805

valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...

Security feature bypass

valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...

CVE-2019-10805

The CVE-2019-10805 issue affects the valib library (up to version 2.0.0) where a crafted payload can overwrite hasOwnProperty and bypass inspection functions, enabling Internal Property Tampering and bypass of security checks. Multiple connected advisories (RH, ENISA EUVD, OSV, Veracode, Snyk) co...