23 matches found
EUVD-2024-53523
Malicious code in bioql PyPI...
CVE-2023-1001
A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...
Prototype Pollution
Vxe-table is vulnerable to Prototype pollution. The vulnerability is due to prototype pollution in the lib.install function, which allows attackers to supply a crafted payload, leading to a Denial of Service DoS...
CVE-2024-57080
A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
GHSA-89FP-F5MX-748X vxe-table prototype pollution
A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
vxe-table prototype pollution
A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
3h1-ui (>=3.0.0-liingyun.1 <=3.0.0-next.258), @adber/adber-ui (>=0.4.0 <=0.4.21) +638 more potentially affected by CVE-2024-57080 via vxe-table (>=1.15.31 <=4.8.0)
vxe-table NPM version =1.15.31, =3.0.0-liingyun.1, =0.4.0, =2.1.14, =0.2.2, =0.5.6, =1.0.0, =1.0.0, =1.2.3, =0.0.1, =0.0.1, =0.16.13, =1.13.0, =0.0.1, =0.0.3 and more Source cves: CVE-2024-57080 Source advisory: OSV:GHSA-89FP-F5MX-748X...
CVE-2024-57080
A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
CVE-2024-57080
CVE-2024-57080 describes a prototype pollution vulnerability in the vxe-table package (version 4.8.10) affecting the lib.install function. The root cause is unsafe handling in lib.install that allows overriding Object.prototype via crafted payloads, leading to potential DoS (per the advisory) and...
CVE-2024-57080
A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
vxe-table 安全漏洞
vxe-table is a vue-based PC-side form/table component from XE open source. A security vulnerability exists in vxe-table version v4.8.10, which stems from the lib.install function containing a prototype contamination vulnerability...
PT-2025-5756 · Vxe-Table · Vxe-Table
Name of the Vulnerable Software and Affected Versions: vxe-table version 4.8.10 Description: A prototype pollution in the lib.install function allows attackers to cause a Denial of Service DoS via supplying a crafted payload. Recommendations: For vxe-table version 4.8.10, consider disabling the...
CVE-2024-57080
A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
Cross Site Scripting(XSS)
vxe-table is vulnerable to Cross Site Scripting XSS. The vulnerability is due to inadequate sanitization of user-supplied input within the inputValue argument of the export function in the vxe-textarea component. It allows malicious actors to execute arbitrary JavaScript code within the context o...
@adber/adber-ui (>=0.4.0 <=0.4.21), @adber/shipber-ui (>=2.1.14 <=2.2.1) +450 more potentially affected by CVE-2023-1001 via vxe-table (>=1.15.31 <=3.7.10-beta.0)
vxe-table NPM version =1.15.31, =0.4.0, =2.1.14, =0.2.2, =0.0.1, =0.0.1, =1.13.0, =0.0.1, =1.368.0, =2.0.0, =0.0.1, =0.1.1, =0.4.58, =0.4.38, =0.4.43 and more Source cves: CVE-2023-1001 Source advisory: OSV:GHSA-2QJP-FG8C-G878...
GHSA-2QJP-FG8C-G878 vxe-table Cross-site Scripting vulnerability
A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...
vxe-table Cross-site Scripting vulnerability
A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...
CVE-2023-1001
A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...
CVE-2023-1001 xuliangzhan vxe-table vxe-textarea textarea.js export cross site scripting
A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...
CVE-2023-1001 xuliangzhan vxe-table vxe-textarea textarea.js export cross site scripting
A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting...