Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-6369

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01092EPSS
Exploits1References6
NVD
NVD
added 2022/07/25 2:15 p.m.11 views

CVE-2020-28471

This affects the package properties-reader before 2.2.0...

9.8CVSS0.01092EPSS
Exploits1References3
OSV
OSV
added 2022/07/25 2:15 p.m.15 views

CVE-2020-28471

This affects the package properties-reader before 2.2.0...

9.8CVSS9.5AI score
Exploits0References3
Prion
Prion
added 2022/07/25 2:15 p.m.13 views

Design/Logic Flaw

This affects the package properties-reader before 2.2.0...

7.5CVSS9.5AI score0.01092EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/07/25 2:8 p.m.65 views

CVE-2020-28471

CVE-2020-28471 affects the Node.js package properties-reader before v2.2.0 and is a prototype pollution vulnerability. Public docs confirm the issue as a prototype pollution in properties-reader, with Bitbucket Data Center/Server references noting the vulnerability in 8.19.x releases and advising...

9.8CVSS8.4AI score0.01092EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/07/25 2:8 p.m.19 views

CVE-2020-28471 Prototype Pollution

This affects the package properties-reader before 2.2.0...

7.3CVSS9.6AI score0.01092EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/07/25 12:0 a.m.4 views

properties-reader 安全漏洞

properties-reader is a Node.js property reader compatible with ini files by Steve King, a personal developer. A security vulnerability exists in properties-reader prior to version 2.2.0, which stems from the package's susceptibility to prototype contamination, and which can be exploited by an...

9.8CVSS8.2AI score0.01092EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/07/19 2:28 p.m.22 views

Properties-Reader before v2.2.0 vulnerable to prototype pollution

Properties-Reader prior to version 2.2.0 is vulnerable to prototype pollution. Version 2.2.0 contains a patch for this issue...

9.8CVSS8.9AI score0.01092EPSS
Exploits1References6Affected Software1
vulnersOsv
vulnersOsv
added 2022/07/19 2:28 p.m.3 views

@achingbrain/appmetrics-dash (>=4.0.1 <=4.0.2), @adobe/aio-app-scripts (>=0.6.0 <=2.3.0) +190 more potentially affected by CVE-2020-28471 via properties-reader (>=0.0.10 <=2.1.1)

properties-reader NPM version =0.0.10, =4.0.1, =0.6.0, =2.1.0, =1.0.0, =0.3.1, =1.0.3, =0.6.0, =0.0.3, =0.0.2, =0.1.1, =0.2.0, =0.5.1-atomist-update-latest-1540938130032.20181101043939, =0.1.2, =0.0.1, =0.0.10 and more Source cves: CVE-2020-28471 Source advisory: OSV:GHSA-JXVF-M3X5-MXWQ...

9.8CVSS7.2AI score0.01092EPSS
Exploits1
OSV
OSV
added 2022/07/19 2:28 p.m.16 views

GHSA-JXVF-M3X5-MXWQ Properties-Reader before v2.2.0 vulnerable to prototype pollution

Properties-Reader prior to version 2.2.0 is vulnerable to prototype pollution. Version 2.2.0 contains a patch for this issue...

9.8CVSS9.4AI score0.01092EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/07/19 12:0 a.m.5 views

PT-2022-8905 · Unknown · Properties-Reader

Name of the Vulnerable Software and Affected Versions: properties-reader versions prior to 2.2.0 Description: The issue concerns a prototype pollution vulnerability. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents...

9.8CVSS9.3AI score0.01092EPSS
Exploits1References9
Snyk
Snyk
added 2021/01/14 1:2 p.m.6 views

Prototype Pollution

Overview properties-reader is a Properties file reader for Node.js Affected versions of this package are vulnerable to Prototype Pollution. PoC by Eugene Lim: payload.properties proto polluted = polluted poc.js: var propertiesReader = require'properties-reader';...

9.8CVSS9AI score0.01092EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2021/01/14 1:2 p.m.4 views

@adobe/aio-app-scripts (>=0.6.0 <=2.3.0), @adobe/aio-cli (>=2.1.0 <=4.0.0) +21 more potentially affected by CVE-2020-28471 via properties-reader (>=2.0.0 <=2.1.1)

properties-reader NPM version =2.0.0, =0.6.0, =2.1.0, =1.0.0, =0.3.1, =1.0.3, =0.6.0, =1.7.0, =0.0.16, =2.0.0, =2.4.1-next.238, =2.0.0-RC1, =2.1.1-next.0, =2.1.1-next.0, =2.2.1-next.5, =2.1.1-next.0, =2.5.2-next.17 and more Source cves: CVE-2020-28471 Source advisory:...

9.8CVSS7.2AI score0.01092EPSS
Exploits1
Huntr
Huntr
added 2020/12/14 12:0 a.m.18 views

Prototype Pollution in steveukx/properties

Description properties-reader is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC and INI files: // poc.js var propertiesReader = require'properties-reader'; console.log"Before : " + .polluted console.log"Before : " + .polluted1 var properties =...

2.1AI score
Exploits0
Veracode
Veracode
added 2020/07/13 3:3 a.m.15 views

Prototype Pollution

properties-reader is vulnerable to prototype pollution. The vulnerability exists in the PropertiesReader.prototype.set function in properties-reader.js, allowing a malicious user to inject properties into existing construct prototypes and modify attributes such as proto, constructor, and prototyp...

9.8CVSS3.7AI score0.01092EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder