@antv/ava (=3.6.0-alpha.0), @antv/g (>=6.0.0 <=6.2.1) +6 more potentially affected by unknown CVE via @antv/g-dom-mutation-observer-api (>=2.0.0 <=2.0.9)

@antv/g-dom-mutation-observer-api NPM version =2.0.0, =6.0.0, =0.5.9, =2.0.0, =1.2.5, =1.2.6 - expression-language-editor =0.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3918...

EUVD-2020-19491

Malware in sbrugna...

CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

Sulu HTML Injection via Autocomplete Suggestion

Impact It is an issue when input HTML into the Tag name. The HTML is execute when the tag name is listed in the auto complete form. Only admin users are affected and only admin users can create tags. Patches Has the problem been patched? What versions should users upgrade to? The problem is patch...

GHSA-GFRH-GWQC-63CV Sulu HTML Injection via Autocomplete Suggestion

Impact It is an issue when input HTML into the Tag name. The HTML is execute when the tag name is listed in the auto complete form. Only admin users are affected and only admin users can create tags. Patches Has the problem been patched? What versions should users upgrade to? The problem is patch...

SUSE CVE-2015-1243

Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggerin...

SUSE CVE-2015-6789

Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact by leveraging unanticipated object deletion...

SUSE CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

Unspecified Vulnerability in Mozilla Firefox (CNVD-2021-00391)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in FireFox versions prior to FireFox 83, which stems from the fact that when listening for page changes using a mutation observer, a malicious web page may cause Firefox...

CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

Code injection

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

CVE-2020-26967

The CVE-2020-26967 entry concerns Mozilla Firefox prior to version 83, where a MutationObserver-based page-change listener could cause Firefox Screenshots to interact with injected elements, triggering internal errors and unexpected behavior in the Screenshots code. The description is corroborate...

UBUNTU-CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in FireFox versions prior to FireFox 83, which stems from the fact that when listening for page changes using a mutation observer, a malicious web page may cause Firefox...

chromium-browser: Use-after free in Blink

Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact by leveraging unanticipated object deletion...

UBUNTU-CVE-2015-6789

Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact by leveraging unanticipated object deletion...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2016-01501)

Internet Explorer is a web browser from Microsoft. Internet Explorer 11 notified Mutation Observer of a security vulnerability in the way document character data is modified. By tampering with document elements, an attacker could force a CTreePos object in memory to be reused after release and th...

Mozilla use-after-free error with nsDOMAttribute MutationObserver (MFSA 2010-80)

Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node...