14 matches found
Security Bulletin: Multiple vulnerabilities in IBM Rational Developer for i ( CVE-2026-25639, CVE-2025-13465, CVE-2025-68470, CVE-2026-22029)
Summary IBM Rational Developer for i is affected by a denial of service vulnerability in axios CVE-2026-25639, a deletion of properties vulnerability in Lodash CVE-2025-13465, a navigation/redirect vulnerability in React Router CVE-2025-68470, and an unintended javascript execution vulnerability ...
EUVD-2021-0602
Malware in sbrugna...
EUVD-2023-0837
Malicious code in bioql PyPI...
CVE-2022-36060
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear...
CVE-2023-28103
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the Object.prototype, disrupting matrix-react-sdk functionality, causing denial of service and...
Design/Logic Flaw
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the Object.prototype, disrupting matrix-react-sdk functionality, causing denial of service and...
CVE-2022-36060
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear...
CVE-2022-36060 Prototype pollution in matrix-react-sdk
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear...
CVE-2023-28103
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the Object.prototype, disrupting matrix-react-sdk functionality, causing denial of service and...
CVE-2023-28103 Prototype pollution in matrix-react-sdk
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the Object.prototype, disrupting matrix-react-sdk functionality, causing denial of service and...
CVE-2021-21320
matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a blob origin that cannot access Matrix user data, so...
Code injection
matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a blob origin that cannot access Matrix user data, so...
CVE-2021-21320
CVE-2021-21320 affects the matrix-react-sdk (Matrix React SDK) before version 3.15.0, where the user content sandbox could be abused to trigger opening unexpected documents. The issue involves a blob-origin handling scenario that, per sources, cannot access Matrix user data, so messages and secre...
CVE-2021-21320 User content sandbox can be confused into opening arbitrary documents
matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a blob origin that cannot access Matrix user data, so...