4 matches found
GHSA-F38Q-MGVJ-VPH7 protobufjs : Schema-derived names can shadow runtime-significant properties
Summary protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. The known affected names are fields named hasOwnProperty, field or oneof names such as $type when loaded through protobufjs JSON/reflection descriptors, and service...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the schema-derived names that collide with runtime-significant properties. An attacker can cause affected message or service types to become unusable, resulting in denial of servic...
protobufjs : Schema-derived names can shadow runtime-significant properties
Summary protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. The known affected names are fields named hasOwnProperty, field or oneof names such as $type when loaded through protobufjs JSON/reflection descriptors, and service...
PT-2026-49584
Name of the Vulnerable Software and Affected Versions protobufjs versions prior to 8.6.0 protobufjs versions prior to 7.6.3 Description protobufjs accepts certain schema-derived names that collide with properties used by runtime helpers. Specifically, this occurs with fields named hasOwnProperty,...