Total
208 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7618 | 1 Sds Project | 1 Sds | 2022-12-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'. | |||||
| CVE-2020-7702 | 1 Templ8 Project | 1 Templ8 | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package templ8 are vulnerable to Prototype Pollution via the parse function. | |||||
| CVE-2020-7699 | 2 Express-fileupload Project, Netapp | 2 Express-fileupload, Max Data | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution. | |||||
| CVE-2020-7704 | 1 Linux-cmdline Project | 1 Linux-cmdline | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| The package linux-cmdline before 1.0.1 are vulnerable to Prototype Pollution via the constructor. | |||||
| CVE-2020-15366 | 1 Ajv.js | 1 Ajv | 2022-12-02 | 6.8 MEDIUM | 5.6 MEDIUM |
| An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.) | |||||
| CVE-2020-7706 | 1 Connie-lang Project | 1 Connie-lang | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| The package connie-lang before 0.1.1 are vulnerable to Prototype Pollution in the configuration language library used by connie. | |||||
| CVE-2020-7703 | 1 Nis-utils Project | 1 Nis-utils | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package nis-utils are vulnerable to Prototype Pollution via the setValue function. | |||||
| CVE-2020-7700 | 1 Php.js Project | 1 Php.js | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of phpjs are vulnerable to Prototype Pollution via parse_str. | |||||
| CVE-2020-7701 | 1 Springtree | 1 Madlib-object-utils | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue. | |||||
| CVE-2020-7716 | 1 Invertase | 1 Deeps | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package deeps are vulnerable to Prototype Pollution via the set function. | |||||
| CVE-2020-7714 | 1 Realseriousgames | 1 Confucious | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package confucious are vulnerable to Prototype Pollution via the set function. | |||||
| CVE-2020-7713 | 1 Arr-flatten-unflatten Project | 1 Arr-flatten-unflatten | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor. | |||||
| CVE-2020-7707 | 1 Property-expr Project | 1 Property-expr | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function. | |||||
| CVE-2020-7715 | 1 Deep-get-set Project | 1 Deep-get-set | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function. | |||||
| CVE-2020-7717 | 1 Dot-notes Project | 1 Dot-notes | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package dot-notes are vulnerable to Prototype Pollution via the create function. | |||||
| CVE-2020-7708 | 1 Irrelon | 2 \@irrelon\/path, Irrelon-path | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| The package irrelon-path before 4.7.0; the package @irrelon/path before 4.7.0 are vulnerable to Prototype Pollution via the set, unSet, pushVal and pullVal functions. | |||||
| CVE-2020-7719 | 1 Locutus | 1 Locutus | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| Versions of package locutus before 2.0.12 are vulnerable to prototype Pollution via the php.strings.parse_str function. | |||||
| CVE-2020-7718 | 1 Gammautils Project | 1 Gammautils | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package gammautils are vulnerable to Prototype Pollution via the deepSet and deepMerge functions. | |||||
| CVE-2020-7721 | 1 Node-oojs Project | 1 Node-oojs | 2022-12-02 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function. | |||||
| CVE-2020-7720 | 1 Digitalbazaar | 1 Forge | 2022-12-02 | 7.5 HIGH | 7.3 HIGH |
| The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions. | |||||