exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2020-5259

почти 6 лет назад

In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2

CVSS3: 7.7

EPSS: Низкий

CVE-2020-5259

почти 6 лет назад

In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2

CVSS3: 7.7

EPSS: Низкий

CVE-2020-5259

почти 6 лет назад

In affected versions of dojox (NPM package), the jqMix method is vulne ...

CVSS3: 7.7

EPSS: Низкий

GHSA-3hw5-q855-g6cw

почти 6 лет назад

Prototype Pollution in Dojox

CVSS3: 7.7

EPSS: Низкий

BDU:2021-01322

почти 6 лет назад

Уязвимость реализации метода jqMix библиотеки dojox (пакет NPM), позволяющая нарушителю оказать воздействие на целостность данных

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-5259 In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2	CVSS3: 7.7	0% Низкий	почти 6 лет назад
CVE-2020-5259 In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2	CVSS3: 7.7	0% Низкий	почти 6 лет назад
CVE-2020-5259 In affected versions of dojox (NPM package), the jqMix method is vulne ...	CVSS3: 7.7	0% Низкий	почти 6 лет назад
GHSA-3hw5-q855-g6cw Prototype Pollution in Dojox	CVSS3: 7.7	0% Низкий	почти 6 лет назад
BDU:2021-01322 Уязвимость реализации метода jqMix библиотеки dojox (пакет NPM), позволяющая нарушителю оказать воздействие на целостность данных	CVSS3: 5.3	0% Низкий	почти 6 лет назад

Уязвимостей на страницу