11 matches found
EUVD-2022-1199
Malicious code in bioql PyPI...
Prototype Pollution
litespeed.js is vulnerable to prototype pollution. The vulnerability exists due to a lack of sanitization for the key value in the state.js file which allows an attacker to inject properties into existing construct prototypes and modify attributes...
GHSA-V9P9-535W-4285 Prototype Pollution in litespeed.js and appwrite/server-ce
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution...
Prototype Pollution in litespeed.js and appwrite/server-ce
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution...
CVE-2021-23682
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution...
Code injection
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution...
CVE-2021-23682 Prototype Pollution
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution...
CVE-2021-23682
Prototype pollution vulnerability in litespeed.js (
litespeed.js 安全漏洞
litespeed.js is a lean and fast micro JavaScript framework. A security vulnerability exists in litespeed.js prior to version 0.3.12, which stems from a Prototype Pollution vulnerability when parsing a query string in the getJsonFromUrl function, where keys set in the result object are not properl...
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution...
Prototype Pollution
Overview litespeed.js is a Lite & fast micro javascript framework that is easy to learn. Affected versions of this package are vulnerable to Prototype Pollution. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leadin...