20 matches found
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
Prototype Pollution
@jsonic/jsonic-next is vulnerable to Prototype Pollution. The vulnerability is due to the functions empty, util.clone, util.prop, util.deep, and make not properly handling inputs containing the special property proto. Attackers can exploit this to modify the built-in Object.prototype, potentially...
Prototype Pollution
@jsonic/jsonic-next is vulnerable to Prototype Pollution. The vulnerability is due to several functions including empty, util.clone, util.prop, util.deep, and make, which can be exploited by passing crafted arguments with the proto property. This allows attackers to alter the behavior of all...
jsonic was discovered to contain a prototype pollution via the function empty.
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
GHSA-4WM9-3QMV-GVXJ jsonic was discovered to contain a prototype pollution via the function empty.
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
jsonic Security Vulnerabilities
jsonic is a JSON parser for Node.js open-sourced by jsonicjs. A security vulnerability exists in jsonic version v2.12.1, which stems from inclusion of prototype contamination via the function empty, allowing an attacker to execute arbitrary code or cause a denial of service DoS by injecting...
CVE-2024-38993
CVE-2024-38993 affects jsonic-next (rjrodger) version 2.12.1. The vulnerability is a prototype pollution in the function empty, allowing an attacker to inject arbitrary properties and potentially execute arbitrary code or cause a Denial of Service. Multiple sources confirm the issue originates in...
PT-2024-28309 · Rjrodger · Jsonic-Next
Name of the Vulnerable Software and Affected Versions: rjrodger jsonic-next version 2.12.1 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties, leveraging a prototype pollution vulnerability in the empty function...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
jsonic Security Vulnerabilities
jsonic is a JSON parser for Node.js open-sourced by jsonicjs. A security vulnerability exists in jsonic version v2.12.1, which stems from the inclusion of prototype contamination via the function util.clone, allowing an attacker to execute arbitrary code or cause a denial of service DoS by...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39002
CVE-2024-39002 affects jsonic-next v2.12.1, with a prototype pollution flaw in the function util.clone . Exploitation can allow an attacker to execute arbitrary code or cause a Denial of Service by injecting arbitrary properties. A short-term workaround from PT Security recommends disabling the u...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
PT-2024-28318 · Unknown · Jsonic-Next
Name of the Vulnerable Software and Affected Versions: jsonic-next version 2.12.1 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties. This is achieved through a prototype pollution vulnerability in the util.clone...