Lucene search
K

27 matches found

Veracode
Veracode
added 2020/11/11 4:36 a.m.22 views

Prototype Pollution

json-ptr is vulnerable to prototype pollution. An attacker is able to inject arbitrary properties into existing construct prototypes...

9.8CVSS3.5AI score0.01879EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2020/11/10 4:15 p.m.34 views

CVE-2020-7766

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

9.8CVSS7.2AI score0.01879EPSS
Exploits1References3
OSV
OSV
added 2020/11/10 4:15 p.m.23 views

CVE-2020-7766

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

9.8CVSS6.5AI score0.01879EPSS
Exploits1References3
Prion
Prion
added 2020/11/10 4:15 p.m.24 views

Code injection

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

7.5CVSS9.2AI score0.01879EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/11/10 3:35 p.m.69 views

CVE-2020-7766

The CVE-2020-7766 issue affects the json-ptr package and is triggered in the set operation when the force flag is true. The vulnerable path recursively sets properties on the target object but does not adequately validate the key, enabling prototype pollution. Affected versions are before 3.0.0, ...

9.8CVSS7.1AI score0.01879EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2020/11/10 3:35 p.m.45 views

CVE-2020-7766 Prototype Pollution

This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...

7.3CVSS7.2AI score0.01879EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2020/11/10 12:0 a.m.7 views

PT-2020-19778 · Json Ptr · Json-Ptr

Name of the Vulnerable Software and Affected Versions: json-ptr versions prior to 2.1.0 Description: The issue occurs in the set operation when the force flag is set to true. The function recursively sets the property in the target object, however it does not properly check the key being set,...

9.8CVSS9.2AI score0.01879EPSS
Exploits1References13
Rows per page
Query Builder