14 matches found
EUVD-2022-7697
Malicious code in bioql PyPI...
Prototype Pollution
rfc6902 is vulnerable to prototype pollution. The vulnerability exists because of missing sanitization in pointer.ts, which allows an attacker to inject malicious characteristics to add new values to the application object prototype, overwriting or contaminating the base object...
@acoustic-content-sdk/app (>=9.0.89 <=9.0.10076), @acoustic-content-sdk/bootstrap (>=9.0.360 <=9.0.10076) +311 more potentially affected by CVE-2021-4245 via rfc6902 (>=1.3.0 <=4.0.2)
rfc6902 NPM version =1.3.0, =9.0.89, =9.0.360, =8.0.475, =8.0.475, =9.0.30, =9.0.10034, =9.0.30, =9.0.30, =9.0.30, =8.0.475, =8.0.475, =8.0.475, =8.0.475, =9.0.242, =9.0.10067, =9.0.10076 and more Source cves: CVE-2021-4245 Source advisory: OSV:GHSA-P495-JXH2-WRFG...
npm package rfc6902 vulnerable to Prototype Pollution
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The exploit has been disclosed to the public and may...
GHSA-P495-JXH2-WRFG npm package rfc6902 vulnerable to Prototype Pollution
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The exploit has been disclosed to the public and may...
CVE-2021-4245
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The exploit has been disclosed to the public and may...
CVE-2021-4245
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The exploit has been disclosed to the public and may...
Design/Logic Flaw
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The exploit has been disclosed to the public and may...
CVE-2021-4245
CVE-2021-4245 affects chbrown rfc6902, specifically the prototype pollution in the pointer.ts file. The root cause is improper sanitization that allows modification of object prototype attributes, enabling prototype pollution. Public disclosure of the exploit is noted. The recommended fix is appl...
CVE-2021-4245 chbrown rfc6902 pointer.ts prototype pollution
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The exploit has been disclosed to the public and may...
Fedora: Security Advisory for golang-github-evanphx-json-patch (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 36 Update: golang-github-evanphx-json-patch-5.5.0-4.fc36
Jsonpatch is a library which provides functionallity for both applying RFC6902 JSON patches against documents, as well as for calculating & applying RFC7396 JSON merge patches...
[SECURITY] Fedora 36 Update: golang-github-evanphx-json-patch-5.5.0-3.fc36
Jsonpatch is a library which provides functionallity for both applying RFC6902 JSON patches against documents, as well as for calculating & applying RFC7396 JSON merge patches...
Prototype Pollution
rfc6902 is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...