Lucene search
K

271 matches found

Cvelist
Cvelist
added 2020/07/15 7:14 p.m.33 views

CVE-2020-15366

An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an untrusted schema should be a...

7.3AI score0.02313EPSS
Exploits0References4
CVE
CVE
added 2020/07/15 7:14 p.m.252 views

CVE-2020-15366

CVE-2020-15366 affects Ajv (Another JSON Schema Validator) 6.12.2. A crafted JSON schema can trigger a prototype pollution vulnerability in the ajv.validate() function, potentially allowing execution of arbitrary code. This is explicitly described as enabling code execution via polluted prototype...

6.8CVSS7.2AI score0.02313EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2020/07/15 7:14 p.m.30 views

CVE-2020-15366

An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an untrusted schema should be a...

6.8CVSS7.5AI score0.02313EPSS
Exploits0
Hacker One
Hacker One
added 2020/06/14 1:42 p.m.17 views

Node.js third-party modules: Arbitrary code execution via untrusted schemas in ajv

I would like to report an arbitrary code execution vulnerability in ajv. It allows to execute arbitrary code if an attacker-controlled schema is passed to the module. I have confirmed that this should be treated as a security issue. I labeled this as low because this is an unusual scenario, usual...

0.9AI score
Exploits0
Kitploit
Kitploit
added 2019/08/15 10:7 p.m.119 views

Airflowscan - Checklist And Tools For Increasing Security Of Apache Airflow

Checklist and tools for increasing security of Apache Airflow. DISCLAIMER This project NOT AFFILIATED with the Apache Foundation and the Airflow project, and is not endorsed by them. Contents The purpose of this project is provide tools to increase security of Apache Airflow. installations. This...

7.4AI score
Exploits0References4
vulnersOsv
vulnersOsv
added 2019/06/05 2:10 p.m.7 views

@cameronhunter/jest-json-schema (=2.1.0), @limedocs/core (>=1.0.0-beta.1 <=1.0.0-beta.13) +3 more potentially affected by unknown CVE via url-relative (=1.0.0)

url-relative NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on url-relative and may be impacted: - @cameronhunter/jest-json-schema =2.1.0 - @limedocs/core =1.0.0-beta.1, =0.9.0, =0.16.16 Source cves: unknown CVE Source advisory:...

5.8AI score
Exploits0
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.92 views

Fedora Update for jackson-module-jsonSchema FEDORA-2019-df57551f6d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.7AI score0.12679EPSS
Exploits1References2
Fedora
Fedora
added 2019/02/19 2:3 p.m.64 views

[SECURITY] Fedora 29 Update: jackson-module-jsonSchema-2.9.8-1.fc29

Add-on module for to support JSON Schema version 3 generation...

10CVSS2.3AI score0.12679EPSS
Exploits1
Fedora
Fedora
added 2018/06/17 7:45 p.m.34 views

[SECURITY] Fedora 27 Update: nodejs-JSV-4.0.2-12.fc27

JSV is a JavaScript implementation of a extendable, fully compliant JSON Schema validator with the following features: The fastest extendable JSON validator available! Complete implementation of all current JSON Schema draft revisions. Supports creating individual environments sandboxes that...

6.8CVSS1.1AI score0.01342EPSS
Exploits1
Fedora
Fedora
added 2018/06/16 8:20 p.m.34 views

[SECURITY] Fedora 28 Update: nodejs-JSV-4.0.2-12.fc28

JSV is a JavaScript implementation of a extendable, fully compliant JSON Schema validator with the following features: The fastest extendable JSON validator available! Complete implementation of all current JSON Schema draft revisions. Supports creating individual environments sandboxes that...

6.8CVSS1.1AI score0.01342EPSS
Exploits1
Veracode
Veracode
added 2017/01/11 7:11 a.m.8 views

Man In The Middle (mitm)

json-schema is vulnerable to man-in-the-middle MitM attacks. The rubgems source is deprecated because HTTP requests are insecure. A malicious user can potentially compromise the source to conduct MitM attacks...

6.6AI score
Exploits0
Rows per page
Query Builder