11 matches found
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
Prototype Pollution
@andrei-tatar/nora-firebase-common is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of the updateState parameter in the updateStateInternal method. This allows remote attackers to execute malicious scripts, resulting in Arbitrary Code Execution...
GHSA-JJFF-Q3Q4-5HH8 @andrei-tatar/nora-firebase-common Prototype Pollution vulnerability
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
nora-common 安全漏洞
nora-common is a common repo between the NORA Node Red client and the NORA Firebase backend by Andrei Tatar Individual Developer. A security vulnerability exists in nora-common versions v.1.0.41 through v.1.12.2, which originates from a vulnerability that allows remote attackers to execute...
CVE-2024-30564
The CVE-2024-30564 issue affects andrei-tatar/nora-firebase-common in versions 1.0.41 through 1.12.2, where a crafted script submitted to the updateState parameter of updateStateInternal can enable remote code execution. Multiple sources corroborate the vulnerability’s presence across Red Hat, Ve...
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
CVE-2024-30564
An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
PT-2024-23492 · Unknown · Inandrei-Tatar Nora-Firebase-Common
Name of the Vulnerable Software and Affected Versions: inandrei-tatar nora-firebase-common versions 1.0.41 through 1.12.2 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method. This enables the...