EUVD-2021-1109

Malware in sbrugna...

Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2024-2c564b942d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: php-oojs-oojs-ui-0.48.1-1.fc40

OOjs UI Object-Oriented JavaScript =EF=BF=BD=EF=BF=BD=EF=BF=BD User Interfac e is a library that allows developers to rapidly create front-end web applications that operate consistently across a multitude of browsers...

Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2022-ea159a2ec4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: php-oojs-oojs-ui-0.43.2-1.fc37

OOjs UI Object-Oriented JavaScript =EF=BF=BD=EF=BF=BD=EF=BF=BD User Interfac e is a library that allows developers to rapidly create front-end web applications that operate consistently across a multitude of browsers...

Mageia: Security Advisory (MGASA-2021-0050)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

node-oojs-tool (>=1.0.0 <=1.0.11), node-oojs-utility (>=1.0.5 <=1.2.11) +6 more potentially affected by CVE-2020-7721 via node-oojs (=1.4.0)

node-oojs NPM version =1.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on node-oojs and may be impacted: - node-oojs-tool =1.0.0, =1.0.5, =0.0.6, =0.1.0, =0.1.1, =0.1.0, =1.0.0, =1.0.5 Source cves: CVE-2020-7721 Source advisory: OSV:GHSA-J4RW-X3VG-C...

GHSA-J4RW-X3VG-C8R7 Prototype Pollution in node-oojs

All versions of package node-oojs up to and including version 1.4.0 are vulnerable to Prototype Pollution via the setPath function...

Prototype Pollution in node-oojs

All versions of package node-oojs up to and including version 1.4.0 are vulnerable to Prototype Pollution via the setPath function...

Updated php-oojs-oojs-ui packages fix security vulnerabilities

The php-oojs-oojs-ui package has been updated to version 0.41.0 to pick up all of the latest fixes from upstream mediawiki...

[SECURITY] Fedora 33 Update: php-oojs-oojs-ui-0.39.3-1.fc33

OOjs UI Object-Oriented JavaScript =EF=BF=BD=EF=BF=BD=EF=BF=BD User Interf ace is a library that allows developers to rapidly create front-end web applications that operate consistently across a multitude of browsers...

Fedora 33 : mediawiki / php-oojs-oojs-ui / php-wikimedia-assert / etc (2020-a4802c53d9)

https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-Septembe r/000263.html The 1.34.x series is now end-of-life and the 1.35.x series is a LTS release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2020-a4802c53d9)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Prototype Pollution

node-oojs is vulnerable to prototype pollution. The vulnerability exists as the setPath function does not restrict proto headers to be set in objects...

CVE-2020-7721

CVE-2020-7721 affects node-oojs; vulnerable to Prototype Pollution via the setPath function. Affected: versions prior to 1.4.1 (up to 1.4.0 per advisories). Impact includes potential manipulation of Object.prototype, enabling outcomes like DoS or remote code execution in some scenarios. Remediati...

PT-2020-19742 · Npm · Node-Oojs

Name of the Vulnerable Software and Affected Versions: node-oojs versions prior to 1.4.1 Description: The issue concerns Prototype Pollution via the setPath function. This allows for potential manipulation of object properties, which could lead to various security issues. Recommendations: For...

node-oojs-tool (>=1.0.0 <=1.0.11), node-oojs-utility (>=1.0.5 <=1.2.11) +6 more potentially affected by CVE-2020-7721 via node-oojs (=1.4.0)

node-oojs NPM version =1.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on node-oojs and may be impacted: - node-oojs-tool =1.0.0, =1.0.5, =0.0.6, =0.1.0, =0.1.1, =0.1.0, =1.0.0, =1.0.5 Source cves: CVE-2020-7721 Source advisory: SNYK:JS-NODEOOJS-598...

Prototype Pollution

Overview node-oojs is an Object Oriented JavaScript Affected versions of this package are vulnerable to Prototype Pollution via the setPath function. POC: require'node-oojs'; oojs.setPath'proto.polluted':true; console.logpolluted; Details Prototype Pollution is a vulnerability affecting JavaScrip...