17 matches found
EUVD-2023-0100
Malicious code in bioql PyPI...
json-logic-js Command Injection vulnerability
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is...
CVE-2021-4329
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as...
CVE-2021-4329
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as...
PYSEC-2023-209
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as...
PYSEC-2023-209
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as...
Command injection
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as...
CVE-2021-4329 json-logic-js logic.js command injection
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as...
CVE-2021-4329 json-logic-js logic.js command injection
A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The patch is identified as...
CVE-2021-4329
CVE-2021-4329 (json-logic-js 2.0.0) has a command-injection vulnerability in the logic.js component, enabling arbitrary code execution as described across multiple sources. The issue affects json-logic-js 2.0.0 and is fixed by upgrading to 2.0.1, with the patch identified as c1dd82f5b15d8a553bb7a...
PT-2023-36074 · Unknown · Json-Logic-Js
Name of the Vulnerable Software and Affected Versions: json-logic-js version 2.0.0 Description: A critical issue has been found in json-logic-js, affecting some unknown functionality of the file logic.js. The manipulation leads to command injection. Recommendations: For json-logic-js version 2.0....
PT-2023-12425 · Unknown · Json-Logic-Js
Name of the Vulnerable Software and Affected Versions: json-logic-js version 2.0.0 Description: A critical issue has been found in the json-logic-js software, affecting some unknown functionality of the file logic.js. The manipulation of this issue leads to command injection. Recommendations: For...
json-logic-js 命令注入漏洞
json-logic-js is an application by Jeremy Wadhams personal developer. It is used to build complex rules, serialize them to JSON, and execute them in JavaScript. A command injection vulnerability exists in versions of json-logic-js prior to 2.0.1, which stems from the presence of a command injecti...
Prototype Pollution in json-logic-js
Versions of json-logic-js prior to 2.0.0 are vulnerable to Prototype Pollution. The method operation allows a malicious user to modify the prototype of Object through the method property name. This causes modification of any existing property that will exist on all objects and leads to Remote Cod...
GHSA-M9HW-7XFV-WQG7 Prototype Pollution in json-logic-js
Versions of json-logic-js prior to 2.0.0 are vulnerable to Prototype Pollution. The method operation allows a malicious user to modify the prototype of Object through the method property name. This causes modification of any existing property that will exist on all objects and leads to Remote Cod...
Prototype Pollution
json-logic-js is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
Overview Versions of json-logic-js prior to 2.0.0 are vulnerable to Prototype Pollution. The method operation allows a malicious user to modify the prototype of Object through the method property name. This causes modification of any existing property that will exist on all objects and leads to...