6 matches found
CVE-2026-44290
CVE-2026-44290 affects protobufjs, where certain schema option paths could traverse inherited properties during option processing, potentially corrupting process-wide built-in functionality. This vulnerability exists in versions prior to 7.5.6 and 8.0.2 and can enable a crafted protobuf schema or...
CVE-2026-44290 protobufjs: Process-wide denial of service through unsafe option paths
protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...
CVE-2026-44290 protobufjs: Process-wide denial of service through unsafe option paths
protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write...
protobuf.js: Process-wide denial of service through unsafe option paths
Summary protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write to properties on global JavaScript constructors, corrupting process-wide built-in...
NPM: protobuf.js: Process-wide denial of service through unsafe option paths
NPM: protobuf.js: Process-wide denial of service through unsafe option paths vulnerability discovered by ? in WordPress Npm protobufjs versions = 7.5.5...
GHSA-JVWF-75H9-CWGG protobuf.js: Process-wide denial of service through unsafe option paths
Summary protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write to properties on global JavaScript constructors, corrupting process-wide built-in...