Lucene search
+L
SwiperjsSwiper

5 matches found

CVE
CVE
added 2026/02/21 5:43 a.m.392 views

CVE-2026-27212

CVE-2026-27212 affects the npm package swiper (versions 6.5.1 through 12.1.1). The vulnerability is a prototype pollution in shared/utils.mjs where indexOf() checks input against forbidden strings; crafted input can pollute Object.prototype via Array.prototype, despite a prior mitigation. This ca...

9.4CVSS5.6AI score0.00397EPSS
CVE
CVE
added 2021/04/12 1:10 p.m.108 views

CVE-2021-23370

CVE-2021-23370 affects the npm package swiper prior to 6.5.1. The root cause is prototype pollution in swiper’s code, with the impact described as vulnerable to prototype pollution. Remediation: upgrade to swiper 6.5.1 or later.

9.8CVSS8.6AI score0.022EPSS
CVE
CVE
added 2024/07/01 12:0 a.m.51 views

CVE-2024-39853

The CVE-2024-39853 entry concerns the ratio-swiper library by adolph_dudu, version 0.0.2. The root cause is a prototype pollution vulnerability in the parse function, which could enable an attacker to inject arbitrary properties into objects and potentially alter behavior of objects inheriting fr...

6.5CVSS8.3AI score0.00521EPSS
CVE
CVE
added 2024/07/01 12:0 a.m.48 views

CVE-2024-38997

CVE-2024-38997 affects the adolph_dudu ratio-swiper package (v0.0.2). The issue is a prototype pollution vulnerability in the extendDefaults function, enabling attackers to inject arbitrary properties and potentially execute arbitrary code or trigger a Denial of Service (DoS). Public details cove...

6.5CVSS8.3AI score0.00462EPSS
CVE
CVE
added 2024/07/01 12:0 a.m.48 views

CVE-2024-39000

Prototype pollution in adolph_dudu ratio-swiper v0.0.2 is caused by the parse function, enabling attackers to inject arbitrary properties that can lead to arbitrary code execution or DoS. Multiple sources (NVD, Red Hat, CNNVD, CVE/CVE-List, PT-Guard) confirm the issue and affected component. The ...

6.5CVSS8.3AI score0.00386EPSS