EUVD-2021-2277

Malware in sbrugna...

CVE-2021-23807 vulnerabilities

Vulnerabilities for packages: py3-jsonpointer...

GHSA-282F-QQGM-C34Q vulnerabilities

Vulnerabilities for packages: py3-jsonpointer...

CVE-2021-23807 vulnerabilities

Vulnerabilities for packages: py3-jsonpointer...

GHSA-282F-QQGM-C34Q vulnerabilities

Vulnerabilities for packages: py3-jsonpointer...

The vulnerability of the jsonpointer package on the Node.js software platform allows a perpetrator to execute arbitrary code.

The vulnerability of the jsonpointer package in the Node.js software platform is related to errors in data type conversion. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Security Bulletin: A security vulnerability in Node.js jsonpointer affects IBM Cloud Pak for Multicloud Management Managed Services

Summary A security vulnerability in Node.js jsonpointer affects IBM Cloud Pak for Multicloud Management Managed Services Vulnerability Details CVEID:CVE-2021-23807 DESCRIPTION: Node.js jsonpointer module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype...

OESA-2022-1755 nodejs-jsonpointer security update

Simple JSON Addressing. Security Fixes: This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.CVE-2021-23807...

new packages: python-jsonpointer

An update is available for python-jsonpointer. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

Security Bulletin: IBM App Connect Enterprise Certified Container may be affected by CVE-2021-23807

Summary IBM App Connect Enterprise Certified Container may be affected by a prototype polution vulnerability in jsonpointer due to CVE-2021-23807, that could allow a remote attacker to execute aritrary code or perform a denial of service attack Vulnerability Details CVEID: CVE-2021-23807...

Security Bulletin: A security vulnerability in Node.js jsonpointer module affects IBM Cloud Automation Manager

Summary A security vulnerability in Node.js jsonpointer module affects IBM Cloud Automation Manager. Vulnerability Details CVEID: CVE-2021-23807 DESCRIPTION: Node.js jsonpointer module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in t...

Prototype Pollution in node-jsonpointer

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays...

GHSA-282F-QQGM-C34Q Prototype Pollution in node-jsonpointer

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays...

@2109-t5/server (>=1.0.0 <=1.0.9), @abios/abios-redoc (>=1.0.0 <=2.5.0) +1090 more potentially affected by CVE-2021-23807 via jsonpointer (>=1.1.0 <=4.1.0)

jsonpointer NPM version =1.1.0, =1.0.0, =1.0.0, =0.12.4, =1.0.0, =2.13.1, =1.0.0, =0.0.1, =2.6.10, =2.0.0, =0.0.1, =0.0.1, =1.1.3 and more Source cves: CVE-2021-23807 Source advisory: OSV:GHSA-282F-QQGM-C34Q...

Prototype Pollution

jsonpointer is vulnerable to prototype pollution vulnerability. An attacker is able to inject arbitrary properties into existing construct prototypes and modification of attributes such as proto, constructor and prototype...

CVE-2021-23807

A Type Confusion vulnerability was found in node-jsonpointer. This issue leads to the bypass of a previous Prototype Pollution fix when the pointer components are arrays. This flaw allows an attacker to use objects of incompatible base types, leading to remote code execution. The highest threat...

CVE-2021-23807

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays...

Type confusion

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays...

CVE-2021-23807

CVE-2021-23807 affects the jsonpointer package (pre-5.0.0). Description: a type confusion vulnerability can bypass a prior Prototype Pollution fix when pointer components are arrays, potentially enabling arbitrary code execution or denial of service via crafted inputs. Affected products/contexts ...

CVE-2021-23807 Prototype Pollution

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays...