5 matches found
CVE-2025-57324
parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of...
Linux Distros Unpatched Vulnerability : CVE-2021-23351
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Versions of the package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1 function. The reader in this package is a...
PT-2022-13363 · Parse-Url +2 · Url-Parse +2
Name of the Vulnerable Software and Affected Versions: url-parse versions prior to 1.5.9
Description: The issue arises from leading control characters in a URL not being stripped when passed into url-parse, potentially causing input URLs to be mistakenly interpreted as relative URLs without a...
960.css (=1.0.0), @4site/engrid-styles (>=0.2.19 <=0.2.24) +124 more potentially affected by CVE-2021-23343 via path-parse (>=1.0.5 <=1.0.6)
path-parse NPM version =1.0.5, =0.2.19, =0.1.1, =7.0.0, =0.2.0, =0.17.0, =0.17.0, =0.19.0, =0.17.0, =0.23.0, =0.17.0, =0.17.0, =0.17.1 - @choerodon/issue =0.17.0 and more Source cves: CVE-2021-23343 Source advisory: OSV:GHSA-HJ48-42VR-X3V9...
Denial of Service (DoS)
Overview: github.com/pires/go-proxyproto is a Go library implementation of the PROXY protocol, versions 1 and 2. Affected versions of this package are vulnerable to Denial of Service (DoS) via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It wi...