Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

purl 安全漏洞

purl is a software application. An AMD-compatible utility that parses URLs and provides easy access to their attributes e.g., protocol, host, port, etc., path segments, query string parameters, fragment parameters, and more. A security vulnerability exists in purl 2.3.2, which arises from an...

CVE-2020-7617

The CVE-2020-7617 entry concerns the ini-parser package (up to version 0.0.2) and describes a Prototype Pollution vulnerability. An attacker can exploit a proto payload to add or modify properties on Object.prototype, enabling potential attacker-controlled behavior across JavaScript objects. Seve...

CVE-2018-3728

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...