CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-0644

Malicious code in bioql PyPI...

9.8CVSS7.2AI score0.01995EPSS

Exploits1References12

Tenable Nessus•added 2025/08/30 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2021-23450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of package dojo are vulnerable to Prototype Pollution via the setObject function. CVE-2021-23450 Note that Nessus relies on the presence of the...

9.8CVSS6.7AI score0.01995EPSS

Exploits1References2

Veracode•added 2022/12/13 2:14 a.m.•35 views

HTTP Response Splitting

netty-codec-http is vulnerable to HTTP response splitting attack. The vulnerability exists in the setObject function of DefaultHeaders.java as it takes the arrays and iterators as arguments, providing a way to bypass value validation allowing an attacker to inject malicious header values into the...

6.5CVSS6.8AI score0.00497EPSS

Exploits1References8Affected Software2

Github Security Blog•added 2022/01/05 3:1 p.m.•123 views

Prototype Pollution in dojo

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function...

9.8CVSS4.9AI score0.01995EPSS

Exploits1References11Affected Software1

OSV•added 2021/12/17 8:15 p.m.•1 views

DEBIAN-CVE-2021-23450

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function...

9.8CVSS6.8AI score0.01995EPSS

Exploits1References1

OSV•added 2021/12/17 8:15 p.m.•22 views

CVE-2021-23450

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function...

9.8CVSS6.6AI score

Exploits0References9

UbuntuCve•added 2021/12/17 8:15 p.m.•35 views

CVE-2021-23450

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function...

9.8CVSS6.8AI score0.01995EPSS

Exploits1References8

OSV•added 2021/12/17 8:15 p.m.•0 views

UBUNTU-CVE-2021-23450

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function...

9.8CVSS6.8AI score0.01995EPSS

Exploits1References9

CVE•added 2021/12/17 8:5 p.m.•226 views

CVE-2021-23450

CVE-2021-23450 describes a Prototype Pollution vulnerability in the Dojo package, exposed via the setObject function. Multiple connected advisories confirm Dojo is affected and note remediation by upgrading to fixed Dojo versions in vendor advisories (IBM, other vendors) and related security bull...

9.8CVSS8.7AI score0.01995EPSS

Exploits1References9Affected Software1

Cvelist•added 2021/12/17 8:5 p.m.•17 views

CVE-2021-23450 Prototype Pollution

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function...

7.5CVSS9.6AI score0.01995EPSS

Exploits1References9

CNNVD•added 2021/12/17 12:0 a.m.•1 views

dojo 安全漏洞

dojo is a JavaScript toolkit that contains utilities, UI components, and more. A security vulnerability exists in dojo that stems from the software's susceptibility to Prototype contamination via the setObject function...

9.8CVSS7AI score0.01995EPSS

Exploits1References20

Positive Technologies•added 2021/12/17 12:0 a.m.•1 views

PT-2021-7298 · Dojo +3 · Dojo +3

Name of the Vulnerable Software and Affected Versions: dojo versions all Description: The issue is related to the incorrect management of code generation in the dojo library's setObject function. This can allow a remote attacker to execute arbitrary code. The vulnerability is associated with...

10CVSS7.9AI score0.01995EPSS

Exploits4References59

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by