6 matches found
ROOT-APP-NPM-CVE-2025-8101 CVE-2025-8101 in @rootio/linkifyjs - Patched by Root
Root has patched CVE-2025-8101 in the @rootio/linkifyjs package for Root:npm. Multiple fixed versions available...
SUSE CVE-2025-8101
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in Linkify linkifyjs allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables.This issue affects Linkify: from 4.3.1 before 4.3.2...
Prototype Pollution
Overview org.webjars.npm:linkifyjs is a Find URLs, email addresses, hashtags and @mentions in plain-text strings, then convert them into HTML links. Affected versions of this package are vulnerable to Prototype Pollution via the internal assign helper due to improper filtering of the proto...
@a.agiir/cinny (>=0.0.1 <=0.0.2), @a1tan/plugin-azure-openai (=0.4.0) +798 more potentially affected by CVE-2025-8101 via linkifyjs (>=4.0.0-beta.4 <=4.3.1)
linkifyjs NPM version =4.0.0-beta.4, =0.0.1, =0.1.0, =0.1.0, =1.0.0, =0.1.8, =0.1.10 - @alithya-oss/backstage-plugin-rag-ai =1.2.7 - @alithya-oss/backstage-plugin-time-saver =1.4.5 and more Source cves: CVE-2025-8101 Source advisory: SNYK:JS-LINKIFYJS-11502189...
org.webjars.npm:tiptap__extension-link (>=2.0.0-beta.199 <=2.0.0-beta.202) potentially affected by CVE-2025-8101 via org.webjars.npm:linkifyjs (=4.0.0-beta.6)
org.webjars.npm:linkifyjs MAVEN version =4.0.0-beta.6 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:linkifyjs and may be impacted: - org.webjars.npm:tiptapextension-link =2.0.0-beta.199, =2.0.0-beta.202 Source cves: CVE-2025-8101 Sour...
CVE-2025-8101
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in Linkify linkifyjs allows XSS Targeting HTML Attributes and Manipulating User-Controlled Variables.This issue affects Linkify: from 4.3.1 before 4.3.2...