admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-12-20 06:00:37 +00:00
parent a93c4cea9d
commit c6e1b15f61
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 37 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
2022/25xxx/CVE-2022-25171.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-P4-3167330"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-P4-3167330",
"name": "https://security.snyk.io/vuln/SNYK-JS-P4-3167330"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/natelong/p4/blob/master/p4.js%23L12"
"refsource": "MISC",
"url": "https://github.com/natelong/p4/blob/master/p4.js%23L12",
"name": "https://github.com/natelong/p4/blob/master/p4.js%23L12"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/natelong/p4/commit/ae42e251beabf67c00539ec0e1d7aa149ca445fb"
"refsource": "MISC",
"url": "https://github.com/natelong/p4/commit/ae42e251beabf67c00539ec0e1d7aa149ca445fb",
"name": "https://github.com/natelong/p4/commit/ae42e251beabf67c00539ec0e1d7aa149ca445fb"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization\r\n\r\n"
"value": "The package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization"
}
]
},

12
2022/25xxx/CVE-2022-25904.json
View File

@ -48,12 +48,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701",
"name": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/26",
"name": "https://github.com/hacksparrow/safe-eval/issues/26"
}
]
},
@ -61,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.\r\n\r\n"
"value": "All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype."
}
]
},

17
2022/25xxx/CVE-2022-25931.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-EASYSTATICSERVER-3153539"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-EASYSTATICSERVER-3153539",
"name": "https://security.snyk.io/vuln/SNYK-JS-EASYSTATICSERVER-3153539"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/cunjieliu/easyServer/blob/master/index.js%23L27"
"refsource": "MISC",
"url": "https://github.com/cunjieliu/easyServer/blob/master/index.js%23L27",
"name": "https://github.com/cunjieliu/easyServer/blob/master/index.js%23L27"
},
{
"refsource": "CONFIRM",
"url": "https://gist.github.com/lirantal/fdfbe26561788c8194a54bf6d31772c9"
"refsource": "MISC",
"url": "https://gist.github.com/lirantal/fdfbe26561788c8194a54bf6d31772c9",
"name": "https://gist.github.com/lirantal/fdfbe26561788c8194a54bf6d31772c9"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.\n"
"value": "All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code."
}
]
},

17
2022/25xxx/CVE-2022-25940.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JS-LITESERVER-3153540"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JS-LITESERVER-3153540",
"name": "https://security.snyk.io/vuln/SNYK-JS-LITESERVER-3153540"
},
{
"refsource": "CONFIRM",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3175617"
"refsource": "MISC",
"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3175617",
"name": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3175617"
},
{
"refsource": "CONFIRM",
"url": "https://gist.github.com/lirantal/832382155e00da92bfd8bb3adea474eb"
"refsource": "MISC",
"url": "https://gist.github.com/lirantal/832382155e00da92bfd8bb3adea474eb",
"name": "https://gist.github.com/lirantal/832382155e00da92bfd8bb3adea474eb"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse.\n"
"value": "All versions of package lite-server are vulnerable to Denial of Service (DoS) when an attacker sends an HTTP request and includes control characters that the decodeURI() function is unable to parse."
}
]
},