5 matches found
CVE-2026-54269
CVE-2026-54269 affects protobufjs. Prior to versions 8.6.0 and 7.6.3 , schema-derived names could collide with runtime helper properties (e.g., fields named hasOwnProperty, names like $type, and rpcCall). When loaded schemas are used, protobufjs could read schema-controlled data where an own-prop...
CVE-2026-54269 protobufjs: Schema-derived names can shadow runtime-significant properties
protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 8.6.0 and 7.6.3, protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. The known affected names are fields named hasOwnProperty, field or oneof names...
NPM: protobufjs : Schema-derived names can shadow runtime-significant properties
NPM: protobufjs : Schema-derived names can shadow runtime-significant properties vulnerability discovered by ? in WordPress Npm protobufjs-cli versions = 1.3.2...
NPM: protobufjs : Schema-derived names can shadow runtime-significant properties
NPM: protobufjs : Schema-derived names can shadow runtime-significant properties vulnerability discovered by ? in WordPress Npm protobufjs versions = 7.6.2...
Improper Check for Unusual or Exceptional Conditions
Overview protobufjs is a protocol buffer for JavaScript & TypeScript. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the schema-derived names that collide with runtime-significant properties. An attacker can cause affected message or...