11 matches found
EUVD-2021-0853
Malware in sbrugna...
CVE-2019-10805
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...
Exposure of Resource to Wrong Sphere in valib
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...
Internal Property Tampering
Overview bson is a BSON Parser for node and browser. Affected versions of this package are vulnerable to Internal Property Tampering. The package will ignore an unknown value for an object's bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type...
Object Property Tampering
valib is vulnerable to object property tampering. The usage of the built-in functions hasOwnProperty with unsafe user-input to examine an object allows bypass of several inspection functions and overwriting of the function to manipulate the inspection results to bypass security checks...
CVE-2019-10805
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...
CVE-2019-10805
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...
Security feature bypass
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function hasOwnProperty from the unsafe user-input to examine an object. It is possible for a crafted payload to overwri...
Internal Property Tampering
Overview valib is an A standalone javascript library tailored for validation. Affected versions of this package are vulnerable to Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function...
Internal Property Tampering
Overview taffydb is an open source JavaScript library that provides in-memory database capabilities Affected versions of this package are vulnerable to Internal Property Tampering. taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forge...
Internal Property Tampering
Overview schema-inspector is a JSON API sanitisation and validation module. Affected versions of this package are vulnerable to Internal Property Tampering. A maliciously crafted JavaScript object can bypass the sanitize and the validate function used within schema-inspector. Remediation Upgrade...