15 matches found
CVE-2026-5758
A flaw was found in the protocol-buffers-schema JavaScript library. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into an object's core definition. This could enable an attacker to change how an application behaves, bypass security measures, o...
EUVD-2026-22993
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
Prototype Pollution
Overview org.webjars.npm:protocol-buffers-schema is a No nonsense protocol buffers schema parser written in Javascript Affected versions of this package are vulnerable to Prototype Pollution via the parse function. An attacker can modify object prototypes, potentially altering application logic,...
GHSA-J452-XHG8-QG39 Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
@amitojsingh366/keepkey-hardware-controller (=0.0.10), @apsiocoin/protobuf-serialization (=0.0.1-alpha1) +203 more potentially affected by CVE-2026-5758 via protocol-buffers-schema (>=2.2.0 <=3.6.0)
protocol-buffers-schema NPM version =2.2.0, =2.0.9, =2.0.7, =2.1.2, =0.0.25, =0.0.19, =2.0.12, =2.0.11, =0.0.12, =6.1.2, =0.18.4, =0.18.4, =1.16.11, =1.4.2, =2.14.3 and more Source cves: CVE-2026-5758 Source advisory: OSV:GHSA-J452-XHG8-QG39...
Prototype Pollution
Overview protocol-buffers-schema is a No nonsense protocol buffers schema parser written in Javascript Affected versions of this package are vulnerable to Prototype Pollution via the parse function. An attacker can modify object prototypes, potentially altering application logic, bypassing securi...
@amitojsingh366/keepkey-hardware-controller (=0.0.10), @apsiocoin/protobuf-serialization (=0.0.1-alpha1) +179 more potentially affected by CVE-2026-5758 via protocol-buffers-schema (>=3.1.0 <=3.6.0)
protocol-buffers-schema NPM version =3.1.0, =2.0.9, =2.0.7, =2.1.2, =0.0.25, =0.0.19, =2.0.12, =2.0.11, =0.0.12, =6.1.2, =0.18.4, =0.18.4, =1.16.11, =1.4.2, =2.14.3 and more Source cves: CVE-2026-5758 Source advisory: SNYK:JS-PROTOCOLBUFFERSSCHEMA-16420259...
com.graphhopper:graphhopper-web-bundle (>=3.0 <=client_hc_no_vehicle), org.webjars.npm:geobuf (=3.0.2) +19 more potentially affected by CVE-2026-5758 via org.webjars.npm:protocol-buffers-schema (=3.6.0)
org.webjars.npm:protocol-buffers-schema MAVEN version =3.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:protocol-buffers-schema and may be impacted: - com.graphhopper:graphhopper-web-bundle =3.0, =1.10.1, =3.0.0-pre.4, =4.0.3,...
Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
CVE-2026-5758
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
CVE-2026-5758
CVE-2026-5758 affects Mafintosh’s protocol-buffers-schema (JavaScript) versions around 3.6.0. The issue is prototype pollution in the library, enabling an attacker to alter application logic, bypass security checks, cause a denial of service, or potentially achieve remote code execution. The avai...
CVE-2026-5758
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
CVE-2026-5758 Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
CVE-2026-5758 Mafintosh's protocol-buffers-schema is vulnerable to prototype pollution
JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...
protocol-buffers-schema 安全漏洞
protocol-buffers-schema is a Protocol Buffers pattern parser written in JavaScript by Mathias Buus. Version 3.6.0 of protocol-buffers-schema contains a security vulnerability, which stems from JavaScript prototype pollution. This vulnerability could allow attackers to alter application logic,...