CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2025/05/23 10:31 a.m.•6 views

CVE-2024-40453

squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName...

9.8CVSS7.8AI score0.0348EPSS

Exploits2References1

Veracode•added 2024/08/22 8:35 a.m.•11 views

Code Injection

SquirrellyJS is vulnerable to Code Injection. The vulnerability is due to improper handling of input in the options.varName component of SquirrellyJS, allowing an attacker to inject and execute arbitrary code...

9.8CVSS7.4AI score0.0348EPSS

Exploits2References5Affected Software1

OSV•added 2024/08/21 6:31 p.m.•9 views

GHSA-W5PW-GMCW-RFC8 squirrelly Code Injection vulnerability

squirrellyjs squirrelly v9.0.0 was discovered to contain a code injection vulnerability via the component options.varName. The issue was fixed in version 9.1.0...

9.8CVSS9.7AI score0.0348EPSS

Exploits2References5

Github Security Blog•added 2024/08/21 6:31 p.m.•14 views

squirrelly Code Injection vulnerability

squirrellyjs squirrelly v9.0.0 was discovered to contain a code injection vulnerability via the component options.varName. The issue was fixed in version 9.1.0...

9.8CVSS7.8AI score0.0348EPSS

Exploits2References5Affected Software1

NVD•added 2024/08/21 5:15 p.m.•9 views

CVE-2024-40453

squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName...

9.8CVSS0.0348EPSS

Exploits2References3

OSV•added 2024/08/21 5:15 p.m.•9 views

CVE-2024-40453

squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName...

9.8CVSS8AI score0.0348EPSS

Exploits2References3

Positive Technologies•added 2024/08/21 12:0 a.m.•2 views

PT-2024-28852 · Unknown · Squirrelly

Name of the Vulnerable Software and Affected Versions: squirrellyjs squirrelly version 9.0.0 Description: The issue is a code injection vulnerability via the component options.varName. This vulnerability was discovered in squirrellyjs squirrelly and was fixed in version 9.0.1, however, another...

9.8CVSS7.7AI score0.0348EPSS

Exploits2References12

Cvelist•added 2024/08/21 12:0 a.m.•8 views

CVE-2024-40453

squirrellyjs squirrelly v9.0.0 and fixed in v.9.0.1 was discovered to contain a code injection vulnerability via the component options.varName...

0.0348EPSS

Exploits2References3

CVE•added 2024/08/21 12:0 a.m.•48 views

CVE-2024-40453

CVE-2024-40453 affects squirrellyjs (v9.0.0) with a code injection vulnerability via the component option varName. An exploit exists (POC) demonstrating remote code execution-like behavior; see exploit repo: https://github.com/BwithE/CVE-2024-40453. Remediation per sources: upgrade to v9.0.1 or l...

9.8CVSS7.5AI score0.0348EPSS

Exploits2References3Affected Software1