Total
272 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-23917 | 1 Rocket.chat | 1 Rocket.chat | 2023-12-10 | N/A | 8.8 HIGH |
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an attacker to a RCE under the admin account. Any user can create their own server in your cloud and become an admin so this vulnerability could affect the cloud infrastructure. This attack vector also may increase the impact of XSS to RCE which is dangerous for self-hosted users as well. | |||||
CVE-2022-25904 | 1 Safe-eval Project | 1 Safe-eval | 2023-12-10 | N/A | 9.8 CRITICAL |
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype. | |||||
CVE-2022-1529 | 2 Google, Mozilla | 4 Android, Firefox, Firefox Esr and 1 more | 2023-12-10 | N/A | 8.8 HIGH |
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. | |||||
CVE-2022-46175 | 2 Fedoraproject, Json5 | 2 Fedora, Json5 | 2023-12-10 | N/A | 8.8 HIGH |
JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 versions 1.0.2, 2.2.2, and later. | |||||
CVE-2020-36618 | 1 Furqansofware | 1 Node Whois | 2023-12-10 | N/A | 9.8 CRITICAL |
A vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The name of the patch is 46ccc2aee8d063c7b6b4dee2c2834113b7286076. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216252. | |||||
CVE-2023-26102 | 1 Rangy Project | 1 Rangy | 2023-12-10 | N/A | 8.2 HIGH |
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype | |||||
CVE-2022-3901 | 1 Visioglobe | 1 Visioweb | 2023-12-10 | N/A | 6.1 MEDIUM |
Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system. | |||||
CVE-2023-26106 | 1 Dot-lens Project | 1 Dot-lens | 2023-12-10 | N/A | 7.5 HIGH |
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set() function in index.js file. | |||||
CVE-2022-2200 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-12-10 | N/A | 8.8 HIGH |
If an object prototype was corrupted by an attacker, they would have been able to set undesired attributes on a JavaScript object, leading to privileged code execution. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. | |||||
CVE-2022-42743 | 1 Deep-parse-json Project | 1 Deep-parse-json | 2023-12-10 | N/A | 5.3 MEDIUM |
deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited. | |||||
CVE-2020-28462 | 1 Ion-parser Project | 1 Ion-parser | 2023-12-10 | N/A | 9.8 CRITICAL |
This affects all versions of package ion-parser. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context. | |||||
CVE-2022-37609 | 1 Js-beautify Project | 1 Js-beautify | 2023-12-10 | N/A | 9.8 CRITICAL |
Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js. | |||||
CVE-2020-7641 | 1 Grunt-util-property Project | 1 Grunt-util-property | 2023-12-10 | N/A | 7.8 HIGH |
This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. | |||||
CVE-2022-41878 | 1 Parseplatform | 1 Parse-server | 2023-12-10 | N/A | 9.8 CRITICAL |
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option `requestKeywordDenylist` can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword being saved to the database, bypassing the `requestKeywordDenylist` option. This issue is fixed in versions 4.10.19, and 5.3.2. If upgrade is not possible, the following Workarounds may be applied: Configure your firewall to only allow trusted servers to make request to the Parse Server Cloud Code Webhooks API, or block the API completely if you are not using the feature. | |||||
CVE-2021-23373 | 1 Set-deep-prop Project | 1 Set-deep-prop | 2023-12-10 | N/A | 9.8 CRITICAL |
All versions of package set-deep-prop are vulnerable to Prototype Pollution via the main functionality. | |||||
CVE-2022-41714 | 1 Fastest-json-copy Project | 1 Fastest-json-copy | 2023-12-10 | N/A | 5.3 MEDIUM |
fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited. | |||||
CVE-2022-37258 | 1 Stealjs | 1 Steal | 2023-12-10 | N/A | 9.8 CRITICAL |
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js. | |||||
CVE-2022-37623 | 1 Browserify-shim Project | 1 Browserify-shim | 2023-12-10 | N/A | 9.8 CRITICAL |
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js. | |||||
CVE-2022-37614 | 1 Mockery Project | 1 Mockery | 2023-12-10 | N/A | 9.8 CRITICAL |
Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js. | |||||
CVE-2020-36604 | 1 Hapijs | 1 Hoek | 2023-12-10 | N/A | 8.1 HIGH |
hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function. |