16 matches found
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
Prototype Pollution
@jsonic/jsonic-next is vulnerable to Prototype Pollution. The vulnerability is due to the functions empty, util.clone, util.prop, util.deep, and make not properly handling inputs containing the special property proto. Attackers can exploit this to modify the built-in Object.prototype, potentially...
Prototype Pollution
@jsonic/jsonic-next is vulnerable to Prototype Pollution. The vulnerability is due to several functions including empty, util.clone, util.prop, util.deep, and make, which can be exploited by passing crafted arguments with the proto property. This allows attackers to alter the behavior of all...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
CVE-2024-38993 affects jsonic-next (rjrodger) version 2.12.1. The vulnerability is a prototype pollution in the function empty, allowing an attacker to inject arbitrary properties and potentially execute arbitrary code or cause a Denial of Service. Multiple sources confirm the issue originates in...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
PT-2024-28309 · Rjrodger · Jsonic-Next
Name of the Vulnerable Software and Affected Versions: rjrodger jsonic-next version 2.12.1 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties, leveraging a prototype pollution vulnerability in the empty function...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39002
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-38993
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
PT-2024-28318 · Unknown · Jsonic-Next
Name of the Vulnerable Software and Affected Versions: jsonic-next version 2.12.1 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties. This is achieved through a prototype pollution vulnerability in the util.clone...
CVE-2024-39002
CVE-2024-39002 affects jsonic-next v2.12.1, with a prototype pollution flaw in the function util.clone . Exploitation can allow an attacker to execute arbitrary code or cause a Denial of Service by injecting arbitrary properties. A short-term workaround from PT Security recommends disabling the u...