1635 matches found
Prototype Pollution
Overview "The package grpc before 1.24.4 and the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition." Recommendation Upgrade to version 1.1.8 or later References - CVE - GitHub Advisory...
Arbitrary JavaScript Execution
Overview There is a security vulnerability in json-ptr versions prior to v2.1.0 in which an unscrupulous actor may execute arbitrary code. If your code sends un-sanitized user input to json-ptr's .get method, your project is vulnerable to this injection-style vulnerability. Recommendation Upgrade...
Regular Expression Denial of Service
Overview npm-user-validate before 1.0.1 is vulnerable to regular expression denial of service. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters. Recommendation Upgrade to version 1.0.1 or later References - CVE - GitHub Advis...
Prototype pollution in chart.js
Overview In chart.js before version 2.9.4 the options parameter is not properly sanitized when it is processed. When the options are processed, the existing options or the defaults options are deeply merged with provided options. However, during this operation, the keys of the object being set ar...
Cross-Site Scripting
Overview Insufficient validation in cross-origin communication postMessage in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks. Recommendation Upgrade to version 3.9.2 or later References - CVE - GitHub Advisory...
Regular expression denial of Service
Overview codemirror before 5.58.2 is vulnerable to a regular expression denial of service. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex...
Regular Expression Denial of Service
Overview All versions of package dat.gui are vulnerable to Regular Expression Denial of Service ReDoS via specifically crafted rgb and rgba values. Recommendation Avoid using dat.gui as there is no current safe version of this module References - CVE - GitHub Advisory...
Regular Expression Denial of Service in trim
Overview Versions of trim lower than 0.0.3 are vulnerable to Regular Expression Denial of Service ReDoS via trim. Recommendation Upgrade to version 0.0.3 or later References - CVE - GitHub Advisory...
Authorization Bypass
Overview admin/src/containers/InputModalStepperProvider/index.js in strapi before 3.2.5 has unwanted /proxy?url= functionality. Recommendation Upgrade to version 3.2.5 or later References - CVE - GitHub Advisory...
Prototype Pollution
Overview mathjs before version 7.5.1 is vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates. Recommendation Upgrade to version 7.5.1 or later References - CVE - GitHub Advisory...
Prototype Pollution
Overview simpl-schema before 1.10.2 is vulnerable to prototype pollution. Attacker controlled input into a schema could result in remote code execution within the scope of the surrounding application. Recommendation Upgrade to version 1.10.2 or later References - CVE - GitHub Advisory...
Prototype Pollution
Overview json-pointer before 0.6.1 is vulnerable to prototype pollution. Multiple reference of object using slash is supported. Recommendation Upgrade to version 0.6.1 or later References - CVE - GitHub Advisory...
Cross-Site Scripting
Overview A vulnerability in the HTML editor of Slab Quill allows an attacker to execute arbitrary JavaScript by storing an XSS payload a crafted onloadstart attribute of an IMG element in a text field. No patch exists and no further releases are planned. Recommendation Avoid using quill as there ...
Prototype Pollution
Overview Versions of swiper before 6.5.1 are susceptible to prototype pollution. Recommendation Upgrade to version 6.5.1 or later References - CVE - GitHub Advisory...
Regular Expression Denial of Service
Overview postcss from 7.0.0 and before version 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service ReDoS during source map parsing. Recommendation Upgrade to version 8.2.10 or later References - CVE - GitHub Advisory...
OS Command Injection in ng-packagr
Overview ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option. Recommendation Upgrade to version 10.1.1 or later References - CVE - GitHub Advisory...
Cross-site scripting in bootstrap-select
Overview bootstrap-select before 1.13.6 allows Cross-Site Scripting XSS. It does not escape title values in OPTION elements. This may allow attackers to execute arbitrary JavaScript in a victim's browser. Recommendation Upgrade to version 1.13.6 or later References - CVE - GitHub Advisory...
Uncontrolled Resource Consumption in json-bigint
Overview Prototype pollution in json-bigint package 1.0.0 may lead to a denial-of-service DoS attack. Recommendation Upgrade to version 1.0.0 or later References - CVE - GitHub Advisory...
SQL Injection
Overview Prototype pollution vulnerability in the typeorm package 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks. Recommendation Upgrade to version 0.2.25 or later References - CVE - GitHub Advisory...
Injection in gulp-scss-lint
Overview gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options. Recommendation Avoid using gulp-scss-lint as there is no current safe version of this module...
Buffer overflow in canvas
Overview A buffer overflow is present in canvas versions before 1.6.11, which could lead to a Denial of Service or execution of arbitrary code when it processes a user-provided image. Recommendation Upgrade to version 1.6.11 or later References - CVE - GitHub Advisory...
Deserialization of Untrusted Data in bson
Overview Versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object's bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type. Recommendation Upgrade to version 1.1.4 or...
Command injection in bestzip
Overview Affected versions of the package bestzip before 2.1.7 are vulnerable to Command Injection via the options param. Recommendation Upgrade to version 2.1.7 or later References - CVE - GitHub Advisory...
Arbitrary Code Execution in grunt
Overview Versions of grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load instead of its secure replacement safeLoad of the package js-yaml inside grunt.file.readYAML. Recommendation Upgrade to version 1.3.0 or later References - CVE - GitHub...
Prototype Pollution in locutus
Overview Versions of locutus prior to 2.0.12 are vulnerable to Prototype Pollution via the php.strings.parsestr function. Recommendation Upgrade to version 2.0.12 or later References - CVE - GitHub Advisory...
Command injection in json
Overview In versions of json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. Recommendation Upgrade to version 10.0.0 or later References - CVE - GitHub Advisory...
Prototype Pollution in property-expr
Overview property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function. Recommendation Upgrade to version 2.0.3 or later References - CVE - GitHub Advisory...
Cross-site scripting in TinyMCE
Overview tinymce before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor. Recommendation Upgrade to versions 4.9.7, 5.1.4 or later References - CVE - GitHub Advisory...
Regular Expression Denial of Service
Overview ua-parser-js = 0.7.14, fixed in 0.7.24, uses a regular expression which is vulnerable to denial of service. If an attacker sends a malicious User-Agent header, ua-parser-js will get stuck processing it for an extended period of time. Recommendation Upgrade to version 0.7.24 or later...
Path traversal
Overview url-parse before 1.5.0 mishandles certain uses of backslash such as http:/ and interprets the URI as a relative path. Recommendation Upgrade to version 1.5.0 or later References - CVE - GitHub Advisory...
Regular Expression Denial of Service
Overview hosted-git-info before versions 2.8.9 and 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity Recommendation Upgrade to...
Improper Input Validation
Overview sanitize-html before 2.3.2 does not properly validate the hostnames set by the "allowedIframeHostnames" option when the "allowIframeRelativeUrls" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with...
Improper Input Validation
Overview sanitize-html before 2.3.1 does not properly handle internationalized domain name IDN which could allow an attacker to bypass hostname whitelist validation set by the "allowedIframeHostnames" option. Recommendation Upgrade to version 2.3.1 or later References - CVE - GitHub Advisory...
Arbitrary Code Execution
Overview The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized. Recommendation Upgrade to versions 1.12.1 or...
Command Injection
Overview lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. Recommendation Upgrade to version 4.17.21 or later References - CVE - GitHub Advisory - Snyk Advisory...
RSA signature validation vulnerability
Overview Impact Vulnerable versions of jsrsasign will accept RSA signature with improper PKCS1.5 padding. Decoded RSA signature value consists following form: 01ff...8 or more ffs...ff00ASN.1 OF DigestInfo Its byte length shall be the same as RSA key length however such checking was not sufficien...
Denial of Service
Overview The package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces. Recommendation Upgrade to version 2.2.4 or later References - CVE - GitHub Advisory...
Remote code execution when compiling templates
Overview handlebars before 4.7.7 are vulnerable to Remote Code Execution RCE when selecting certain compiling options to compile templates coming from an untrusted source. Recommendation Upgrade to version 4.7.7 or later References - CVE - GitHub Advisory...
Cross-Site Scripting
Overview react-draft-wysiwyg aka React Draft Wysiwyg before 1.14.6 allows a javascript: URi in a Link Target of the link decorator in decorators/Link/index.js when a draft is shared across users, leading to XSS. Recommendation Upgrade to version 1.14.6 or later References - CVE - GitHub Advisory...
Prototype Pollution
Overview Impact In affected versions of mixme an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a...
Cross-Site Scripting
Overview Impact In highcharts versions 8 and earlier, the chart options structure was not systematically filtered for XSS vectors. The potential impact was that content from untrusted sources could execute code in the end user's browser. Especially when using the useHTML flag, HTML string options...
Prototype Pollution
Overview Versions of merge before 2.1.1 are vulnerable to Prototype Pollution via recursiveMerge . Recommendation Upgrade to version 2.1.1 or later References - CVE - GitHub Advisory...
Arbitrary Code Injection
Overview In xmlhttprequest-ssl before 1.6.2 when requests are sent synchronously async=False on xhr.open, malicious user input flowing into xhr.send could result in arbitrary code being injected and run. Recommendation Upgrade to version 1.6.2 or later References CVE GitHub Advisory...
Arbitrary Code Execution
Overview Impact Arbitrary code execution can occur when running exiftool against files with hostile metadata payloads. Patches ExifTool has already been patched in version 12.24. exiftool-vendored, which vendors ExifTool, includes this patch in v14.3.0. Workarounds No. Recommendation Upgrade to...
Code Injection
Overview oauth2-server aka node-oauth2-server through 3.1.1 implements OAuth 2.0 without PKCE. It does not prevent authorization code injection. This is similar to CVE-2020-7692. NOTE: the vendor states 'As RFC7636 is an extension, I think the claim in the Readme of "RFC 6749 compliant" is valid...
Regular Expression Denial of Service
Overview In redis before version 3.1.1, when a client is in monitoring mode, the regex begin used to detected monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service. Patches The problem was fixed in commit 2d11b6d and was released in...
Observable timing discrepancy
Overview Overview Affected versions of jose are vulnerable to a Padding Oracle Attack due to Observable Timing Discrepancy. Impact AESCBCHMACSHA2 Algorithm A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 decryption would always execute both HMAC tag verification and CBC decryption, if either failed...
Improper Certificate Validation
Overview Version 1.2.0 of mongodb-client-encryption does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffic between the Node.js driver and the KMS service...
Prototype Pollution
Overview Prototype pollution vulnerability in set-or-get version 1.0.0 through 1.2.10 allows an attacker to cause a denial of service and may lead to remote code execution. Recommendation Upgrade to version 1.2.11 or later References - CVE - WhiteSource Advisory...
netmask npm package vulnerable to octal input data
Overview netmask npm package is vulnerable to octal input data. This may lead to server-side request forgery, remote file inclusion, local file inclusion, and other vulnerabilities. Recommendation Upgrade to version 2.0.1 or later. References - GitHub Advisory - Researcher report...