3 matches found
The vulnerability of the JSONata data transformation software lies in the uncontrolled modification of prototype attributes, allowing attackers to execute arbitrary code or cause service failures.
The vulnerability of the JSONata data transformation software is related to uncontrolled changes to object prototype attributes. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service failures...
@3c-node-red/runtime (=3.1.6), @adeunis/node-red-contrib-adeunis-codecs (=1.0.0) +244 more potentially affected by CVE-2024-27307 via jsonata (>=1.5.0 <=1.8.6)
jsonata NPM version =1.5.0, =20.2.3, =5.0.0, =0.8.0, =0.0.1, =1.0.0, =1.0.1, =2.0.0, =2.0.4 - @elastic.io/batching-library =2.0.1-dev.4 and more Source cves: CVE-2024-27307 Source advisory: OSV:GHSA-FQG8-VFV7-8FJ8...
@bifravst/muninn-proto (>=5.0.0 <=5.2.0-chart-proto.1), @cenk1cenk2/renovate-config (>=2.3.132 <=2.3.148) +9 more potentially affected by CVE-2024-27307 via jsonata (=2.0.3)
jsonata NPM version =2.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on jsonata and may be impacted: - @bifravst/muninn-proto =5.0.0, =2.3.132, =1.0.0, =1.0.0, =0.14.0, =5.1.0, =4.0.0, =1.0.7, =36.7.0, =37.227.0 Source cves: CVE-2024-27307 Source...