Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6952

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01055EPSS
Exploits0References5
OSV
OSV
added 2022/09/20 5:36 p.m.16 views

CVE-2022-37265

Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js...

9.8CVSS9.4AI score0.01143EPSS
Exploits0References5
OSV
OSV
added 2022/09/16 8:57 p.m.17 views

CVE-2022-37258

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...

9.8CVSS6.8AI score0.01214EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/09/16 12:0 a.m.22 views

steal vulnerable to Prototype Pollution via optionName variable

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js...

9.8CVSS8.9AI score0.01195EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2022/09/15 4:15 p.m.14 views

Denial of service

A Regular Expression Denial of Service ReDoS flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js...

5CVSS7.5AI score0.01079EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/09/15 1:15 p.m.12 views

Code injection

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js...

7.5CVSS9.4AI score0.01055EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2022/09/15 12:30 p.m.67 views

CVE-2022-37257

CVE-2022-37257 affects stealjs Steal 2.2.4 (prototype pollution) in the convertLater function via the requestedVersion variable in npm-convert.js. Root cause: prototype contamination allowing injection into proto , constructor, and prototype chains. Impact per sources: high confidentiality, integ...

9.8CVSS9.4AI score0.01055EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder