CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4 matches found

OSV•added 2022/02/04 8:15 p.m.•18 views

CVE-2021-23507

The package object-path-set before 1.0.2 are vulnerable to Prototype Pollution via the setPath method, as it allows an attacker to merge object prototypes into it. Note: This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-OBJECTPATHSET-607908...

9.8CVSS9.5AI score

Exploits0References4

UbuntuCve•added 2021/08/27 5:15 p.m.•37 views

CVE-2021-23434

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

8.6CVSS7.1AI score0.0039EPSS

Exploits1References6

Prion•added 2021/08/27 5:15 p.m.•28 views

Type confusion

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

7.5CVSS8.9AI score0.0039EPSS

Exploits1References5Affected Software2

Debian CVE•added 2021/08/27 4:50 p.m.•36 views

CVE-2021-23434

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

8.6CVSS7.6AI score0.0039EPSS

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by