Total
341 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36475 | 1 Parseplatform | 1 Parse-server | 2024-11-21 | N/A | 9.8 CRITICAL |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 5.5.2 and 6.2.1, an attacker can use a prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. A patch is available in versions 5.5.2 and 6.2.1. | |||||
| CVE-2023-32305 | 2 Aiven, Postgresql | 2 Aiven, Postgresql | 2024-11-21 | N/A | 8.8 HIGH |
| aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions called by the aiven-extras extension. A low privileged user can create objects that collide with existing function names, which will then be executed instead. Exploiting this vulnerability could allow a low privileged user to acquire `superuser` privileges, which would allow full, unrestricted access to all data and database functions. And could lead to arbitrary code execution or data access on the underlying host as the `postgres` user. The issue has been patched as of version 1.1.9. | |||||
| CVE-2023-30857 | 1 Aedart | 1 Ion | 2024-11-21 | N/A | 3.7 LOW |
| @aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version `0.6.1`, there is a possible prototype pollution issue for the `MetadataRecord`, when merged with a base class' metadata object, in `meta` decorator from the `@aedart/support` package. The likelihood of exploitation is questionable, given that a class's metadata can only be set or altered when the class is decorated via `meta()`. Furthermore, object(s) of sensitive nature would have to be stored as metadata, before this can lead to a security impact. The issue has been patched in version `0.6.1`. | |||||
| CVE-2023-30533 | 1 Sheetjs | 1 Sheetjs | 2024-11-21 | N/A | 7.8 HIGH |
| SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file. In other words. 0.19.2 and earlier are affected, whereas 0.19.3 and later are unaffected. | |||||
| CVE-2023-30363 | 1 Tencent | 1 Vconsole | 2024-11-21 | N/A | 9.8 CRITICAL |
| vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts. | |||||
| CVE-2023-2972 | 1 Antfu | 1 Utils | 2024-11-21 | N/A | 9.8 CRITICAL |
| Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3. | |||||
| CVE-2023-2582 | 1 Strikingly | 1 Strikingly | 2024-11-21 | N/A | 6.1 MEDIUM |
| A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross-site scripting (XSS) in affected applications and sites built with Strikingly. The vulnerability exists because of Strikingly JavaScript library parsing the URL fragment allows access to the __proto__ or constructor properties and the Object prototype. By leveraging an embedded gadget like jQuery, an attacker who convinces a victim to visit a specially crafted link could achieve arbitrary javascript execution in the context of the user's browser. | |||||
| CVE-2023-28103 | 1 Matrix-react-sdk Project | 1 Matrix-react-sdk | 2024-11-21 | N/A | 8.2 HIGH |
| matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the `Object.prototype`, disrupting matrix-react-sdk functionality, causing denial of service and potentially affecting program logic. This is fixed in matrix-react-sdk 3.69.0 and users are advised to upgrade. There are no known workarounds for this vulnerability. Note this advisory is distinct from GHSA-2x9c-qwgf-94xr which refers to a similar issue. | |||||
| CVE-2023-26920 | 1 Naturalintelligence | 1 Fast Xml Parser | 2024-11-21 | N/A | 6.5 MEDIUM |
| fast-xml-parser before 4.1.2 allows __proto__ for Prototype Pollution. | |||||
| CVE-2023-26158 | 1 Mockjs | 1 Mock.js | 2024-11-21 | N/A | 8.2 HIGH |
| All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf). User controlled inputs inside the extend() method of the Mock.Handler, Mock.Random, Mock.RE.Handler or Mock.Util, will allow an attacker to exploit this vulnerability. Workaround By using a denylist of dangerous attributes, this weakness can be eliminated. Add the following line in the Util.extend function: js js if (["__proto__", "constructor", "prototype"].includes(name)) continue js // src/mock/handler.js Util.extend = function extend() { var target = arguments[0] || {}, i = 1, length = arguments.length, options, name, src, copy, clone if (length === 1) { target = this i = 0 } for (; i < length; i++) { options = arguments[i] if (!options) continue for (name in options) { if (["__proto__", "constructor", "prototype"].includes(name)) continue src = target[name] copy = options[name] if (target === copy) continue if (copy === undefined) continue if (Util.isArray(copy) || Util.isObject(copy)) { if (Util.isArray(copy)) clone = src && Util.isArray(src) ? src : [] if (Util.isObject(copy)) clone = src && Util.isObject(src) ? src : {} target[name] = Util.extend(clone, copy) } else { target[name] = copy } } } return target } | |||||
| CVE-2023-26139 | 1 Underscore-keypath Project | 1 Underscore-keypath | 2024-11-21 | N/A | 7.5 HIGH |
| Versions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty() function. Exploiting this vulnerability is possible due to improper input sanitization which allows the usage of arguments like “__proto__”. | |||||
| CVE-2023-26136 | 1 Salesforce | 1 Tough-cookie | 2024-11-21 | N/A | 6.5 MEDIUM |
| Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. | |||||
| CVE-2023-26135 | 1 Flatnest Project | 1 Flatnest | 2024-11-21 | N/A | 7.3 HIGH |
| All versions of the package flatnest are vulnerable to Prototype Pollution via the nest() function in the flatnest/nest.js file. | |||||
| CVE-2023-26133 | 1 Progressbar.js Project | 1 Progressbar.js | 2024-11-21 | N/A | 8.2 HIGH |
| All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js. | |||||
| CVE-2023-26132 | 1 Dottie Project | 1 Dottie | 2024-11-21 | N/A | 7.5 HIGH |
| Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file. | |||||
| CVE-2023-26122 | 1 Safe-eval Project | 1 Safe-eval | 2024-11-21 | N/A | 8.8 HIGH |
| All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution ("RCE"). **Vulnerable functions:** __defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf(). | |||||
| CVE-2023-26121 | 1 Safe-eval Project | 1 Safe-eval | 2024-11-21 | N/A | 7.5 HIGH |
| All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content. | |||||
| CVE-2023-26113 | 1 Collection.js Project | 1 Collection.js | 2024-11-21 | N/A | 7.5 HIGH |
| Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js. | |||||
| CVE-2023-26106 | 1 Dot-lens Project | 1 Dot-lens | 2024-11-21 | N/A | 7.5 HIGH |
| All versions of the package dot-lens are vulnerable to Prototype Pollution via the set() function in index.js file. | |||||
| CVE-2023-26105 | 1 Utilities Project | 1 Utilities | 2024-11-21 | N/A | 7.5 HIGH |
| All versions of the package utilities are vulnerable to Prototype Pollution via the _mix function. | |||||