Количество 20
Количество 20
BDU:2022-00760
Уязвимость реализации функции console.table() программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании или обойти ограничения безопасности
ROS-20220125-10
Уязвимость программной платформы Node.js
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.
CVE-2022-21824
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was n ...
GHSA-39wv-qjgj-4jxg
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.
openSUSE-SU-2022:0113-1
Security update for nodejs12
openSUSE-SU-2022:0112-1
Security update for nodejs14
SUSE-SU-2022:0114-1
Security update for nodejs14
SUSE-SU-2022:0113-1
Security update for nodejs12
SUSE-SU-2022:0112-1
Security update for nodejs14
RLSA-2022:7830
Moderate: nodejs:14 security update
ELSA-2022-7830
ELSA-2022-7830: nodejs:14 security update (MODERATE)
SUSE-SU-2022:0570-1
Security update for nodejs10
RLSA-2022:9073
Moderate: nodejs:16 security, bug fix, and enhancement update
ELSA-2022-9073-1
ELSA-2022-9073-1: nodejs:16 security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2022:1717-1
Security update for nodejs10
SUSE-SU-2022:0101-1
Security update for nodejs12
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2022-00760 Уязвимость реализации функции console.table() программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании или обойти ограничения безопасности | CVSS3: 3.7 | 22% Средний | почти 5 лет назад |
 | ROS-20220125-10 Уязвимость программной платформы Node.js | больше 4 лет назад | ||
 | CVE-2022-21824 Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to. | CVSS3: 8.2 | 22% Средний | больше 4 лет назад |
 | CVE-2022-21824 Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to. | CVSS3: 8.2 | 22% Средний | больше 4 лет назад |
 | CVE-2022-21824 Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to. | CVSS3: 8.2 | 22% Средний | больше 4 лет назад |
 | CVSS3: 8.2 | 22% Средний | больше 4 лет назад | |
| CVE-2022-21824 Due to the formatting logic of the "console.table()" function it was n ... | CVSS3: 8.2 | 22% Средний | больше 4 лет назад |
| GHSA-39wv-qjgj-4jxg Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to. | CVSS3: 8.2 | 22% Средний | больше 4 лет назад |
 | openSUSE-SU-2022:0113-1 Security update for nodejs12 | больше 4 лет назад | ||
| openSUSE-SU-2022:0112-1 Security update for nodejs14 | больше 4 лет назад | ||
| SUSE-SU-2022:0114-1 Security update for nodejs14 | больше 4 лет назад | ||
| SUSE-SU-2022:0113-1 Security update for nodejs12 | больше 4 лет назад | ||
| SUSE-SU-2022:0112-1 Security update for nodejs14 | больше 4 лет назад | ||
 | RLSA-2022:7830 Moderate: nodejs:14 security update | больше 3 лет назад | ||
| ELSA-2022-7830 ELSA-2022-7830: nodejs:14 security update (MODERATE) | больше 3 лет назад | ||
| SUSE-SU-2022:0570-1 Security update for nodejs10 | больше 4 лет назад | ||
| RLSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update | больше 3 лет назад | ||
| ELSA-2022-9073-1 ELSA-2022-9073-1: nodejs:16 security, bug fix, and enhancement update (MODERATE) | больше 3 лет назад | ||
| SUSE-SU-2022:1717-1 Security update for nodejs10 | около 4 лет назад | ||
| SUSE-SU-2022:0101-1 Security update for nodejs12 | больше 4 лет назад |
Уязвимостей на страницу