11 matches found
CVE-2019-10798
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
Uncontrolled Resource Consumption in rdf-graph-array
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
GHSA-PRV2-XWR7-HR57 Uncontrolled Resource Consumption in rdf-graph-array
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
Prototype Pollution
rdf-graph-array is vulnerable to prototype pollution. The vulnerability exists as the rdf.Graph.prototype.add method could be used to add or modify properties of Object.prototype...
CVE-2019-10798
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
CVE-2019-10798
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
Design/Logic Flaw
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
CVE-2019-10798
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
CVE-2019-10798
CVE-2019-10798 concerns prototype pollution in the JavaScript graph library rdf-graph-array (affected up to 0.3.0-rc6). The issue arises from rdf.Graph.prototype.add being able to inject/modify properties on Object.prototype. Public sources (NVD/Red Hat/Snyk/Veracode, etc.) describe this as a pro...
@rdfoo/rdf-parser-n3 (>=0.3.0 <=0.4.0), arca-ontodia (>=0.9.36 <=0.9.47) +63 more potentially affected by CVE-2019-10798 via rdf-graph-array (=0.3.0)
rdf-graph-array NPM version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on rdf-graph-array and may be impacted: - @rdfoo/rdf-parser-n3 =0.3.0, =0.9.36, =0.3.0, =0.0.2, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.0.1-alpha.1, =0.1.0, =0.1.0, =0.5.0 and...
Prototype Pollution
Overview rdf-graph-array is a Graph implementation using arrays. Note: This package is no longer maintained. Affected versions of this package are vulnerable to Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype using a...