Vulnerabilities (CVE)

Filtered by CWE-1321
Total 334 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-3962 1 Myshopkit 1 Winters 2024-02-28 N/A 6.1 MEDIUM
The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
CVE-2023-1717 1 Bitrix24 1 Bitrix24 2024-02-28 N/A 9.6 CRITICAL
Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via polluting `__proto__[tag]` and `__proto__[text]`.
CVE-2022-36059 1 Matrix 1 Javascript Sdk 2024-02-28 N/A 5.3 MEDIUM
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible.
CVE-2022-36060 1 Matrix 1 React Sdk 2024-02-28 N/A 5.3 MEDIUM
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear functional, though certain rooms/events will not be rendered. This issue has been fixed in matrix-react-sdk 3.53.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-30533 1 Sheetjs 1 Sheetjs 2024-02-28 N/A 7.8 HIGH
SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file. In other words. 0.19.2 and earlier are affected, whereas 0.19.3 and later are unaffected.
CVE-2023-30857 1 Aedart 1 Ion 2024-02-28 N/A 3.7 LOW
@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version `0.6.1`, there is a possible prototype pollution issue for the `MetadataRecord`, when merged with a base class' metadata object, in `meta` decorator from the `@aedart/support` package. The likelihood of exploitation is questionable, given that a class's metadata can only be set or altered when the class is decorated via `meta()`. Furthermore, object(s) of sensitive nature would have to be stored as metadata, before this can lead to a security impact. The issue has been patched in version `0.6.1`.
CVE-2023-32305 2 Aiven, Postgresql 2 Aiven, Postgresql 2024-02-28 N/A 8.8 HIGH
aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions called by the aiven-extras extension. A low privileged user can create objects that collide with existing function names, which will then be executed instead. Exploiting this vulnerability could allow a low privileged user to acquire `superuser` privileges, which would allow full, unrestricted access to all data and database functions. And could lead to arbitrary code execution or data access on the underlying host as the `postgres` user. The issue has been patched as of version 1.1.9.
CVE-2023-36475 1 Parseplatform 1 Parse-server 2024-02-28 N/A 9.8 CRITICAL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 5.5.2 and 6.2.1, an attacker can use a prototype pollution sink to trigger a remote code execution through the MongoDB BSON parser. A patch is available in versions 5.5.2 and 6.2.1.
CVE-2023-26113 1 Collection.js Project 1 Collection.js 2024-02-28 N/A 7.5 HIGH
Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js.
CVE-2023-26135 1 Flatnest Project 1 Flatnest 2024-02-28 N/A 9.8 CRITICAL
All versions of the package flatnest are vulnerable to Prototype Pollution via the nest() function in the flatnest/nest.js file.
CVE-2023-26122 1 Safe-eval Project 1 Safe-eval 2024-02-28 N/A 10.0 CRITICAL
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution ("RCE"). **Vulnerable functions:** __defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().
CVE-2023-26121 1 Safe-eval Project 1 Safe-eval 2024-02-28 N/A 10.0 CRITICAL
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
CVE-2023-28103 1 Matrix-react-sdk Project 1 Matrix-react-sdk 2024-02-28 N/A 8.2 HIGH
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the `Object.prototype`, disrupting matrix-react-sdk functionality, causing denial of service and potentially affecting program logic. This is fixed in matrix-react-sdk 3.69.0 and users are advised to upgrade. There are no known workarounds for this vulnerability. Note this advisory is distinct from GHSA-2x9c-qwgf-94xr which refers to a similar issue.
CVE-2023-26132 1 Dottie Project 1 Dottie 2024-02-28 N/A 7.5 HIGH
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file.
CVE-2023-2972 1 Antfu 1 Utils 2024-02-28 N/A 9.8 CRITICAL
Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3.
CVE-2023-30363 1 Tencent 1 Vconsole 2024-02-28 N/A 9.8 CRITICAL
vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts.
CVE-2023-26133 1 Progressbar.js Project 1 Progressbar.js 2024-02-28 N/A 9.8 CRITICAL
All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js.
CVE-2023-2582 1 Strikingly 1 Strikingly 2024-02-28 N/A 6.1 MEDIUM
A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross-site scripting (XSS) in affected applications and sites built with Strikingly. The vulnerability exists because of Strikingly JavaScript library parsing the URL fragment allows access to the __proto__ or constructor properties and the Object prototype. By leveraging an embedded gadget like jQuery, an attacker who convinces a victim to visit a specially crafted link could achieve arbitrary javascript execution in the context of the user's browser.
CVE-2022-46175 2 Fedoraproject, Json5 2 Fedora, Json5 2024-02-28 N/A 8.8 HIGH
JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 versions 1.0.2, 2.2.2, and later.
CVE-2021-4245 1 Rfc6902 Project 1 Rfc6902 2024-02-28 N/A 9.8 CRITICAL
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The exploit has been disclosed to the public and may be used. The name of the patch is c006ce9faa43d31edb34924f1df7b79c137096cf. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215883.