exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2023-28154

почти 3 года назад

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.

CVSS3: 9.8

EPSS: Низкий

CVE-2023-28154

почти 3 года назад

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.

CVSS3: 9.1

EPSS: Низкий

CVE-2023-28154

почти 3 года назад

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.

CVSS3: 9.8

EPSS: Низкий

CVE-2023-28154

5 месяцев назад

Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.

EPSS: Низкий

CVE-2023-28154

почти 3 года назад

Webpack 5 before 5.76.0 does not avoid cross-realm object access. Impo ...

CVSS3: 9.8

EPSS: Низкий

GHSA-hc6q-2mpp-qw7j

почти 3 года назад

Cross-realm object access in Webpack 5

CVSS3: 9.8

EPSS: Низкий

ELSA-2023-12235

почти 3 года назад

ELSA-2023-12235: pcs security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-28154 Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.	CVSS3: 9.8	1% Низкий	почти 3 года назад
CVE-2023-28154 Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.	CVSS3: 9.1	1% Низкий	почти 3 года назад
CVE-2023-28154 Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.	CVSS3: 9.8	1% Низкий	почти 3 года назад
CVE-2023-28154 Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object.		1% Низкий	5 месяцев назад
CVE-2023-28154 Webpack 5 before 5.76.0 does not avoid cross-realm object access. Impo ...	CVSS3: 9.8	1% Низкий	почти 3 года назад
GHSA-hc6q-2mpp-qw7j Cross-realm object access in Webpack 5	CVSS3: 9.8	1% Низкий	почти 3 года назад
ELSA-2023-12235 ELSA-2023-12235: pcs security update (IMPORTANT)			почти 3 года назад

Уязвимостей на страницу