5 matches found
EUVD-2021-2047
Malware in sbrugna...
PT-2023-8584 · Dot-Diver · Dot-Diver
Name of the Vulnerable Software and Affected Versions: dot-diver versions prior to 1.0.2 Description: The issue is related to a Prototype Pollution vulnerability in the setByPath function, which can lead to remote code execution RCE. This vulnerability allows an attacker to modify object...
Prototype Pollution in jointjs
This affects the package jointjs before 3.4.2. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function...
CVE-2021-23444
This affects the package jointjs before 3.4.2. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function...
Type confusion
This affects the package jointjs before 3.4.2. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function...