The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2020-7779 | All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, --@------------------------------------------------------------------------------------------------------------------------!. | MEDIUM | Nov 27, 2020 | n/a |
CVE-2020-7778 | This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands. | -- | Nov 27, 2020 | n/a |
CVE-2020-7777 | This affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is no mention about the risks of untrusted schema files, so I assume that this is applicable. In particular the required field of the schema is not properly sanitized. The resulting string that is build based on the schema definition is then passed to a Function.apply();, leading to an Arbitrary Code Execution. | -- | Nov 23, 2020 | n/a |
CVE-2020-7776 | This affects the package phpoffice/phpspreadsheet from 0.0.0. The library is vulnerable to XSS when creating an html output from an excel file by adding a comment on any cell. The root cause of this issue is within the HTML writer where user comments are concatenated as part of link and this is returned as HTML. A fix for this issue is available on commit 0ed5b800be2136bcb8fa9c1bdf59abc957a98845/master branch. | LOW | Dec 11, 2020 | n/a |
CVE-2020-7775 | This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js. | -- | Feb 2, 2021 | n/a |
CVE-2020-7774 | The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution. | HIGH | Nov 17, 2020 | n/a |
CVE-2020-7773 | This affects the package markdown-it-highlightjs before 3.3.1. It is possible insert malicious JavaScript as a value of lang in the markdown-it-highlightjs Inline code highlighting feature. const markdownItHighlightjs = require(markdown-it-highlightjs); const md = require(\'markdown-it\'); const reuslt_xss = md() .use(markdownItHighlightjs, { inline: true }) .render(\'console.log(42){.>js}\'); console.log(reuslt_xss); | -- | Nov 16, 2020 | n/a |
CVE-2020-7772 | This affects the package doc-path before 2.1.2. | HIGH | Nov 15, 2020 | n/a |
CVE-2020-7771 | The package asciitable.js before 1.0.3 are vulnerable to Prototype Pollution via the main function. | HIGH | Jan 6, 2021 | n/a |
CVE-2020-7770 | This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution. | HIGH | Nov 12, 2020 | n/a |
CVE-2020-7769 | This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails. | HIGH | Nov 12, 2020 | n/a |
CVE-2020-7768 | The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition. | MEDIUM | Nov 12, 2020 | n/a |
CVE-2020-7767 | All versions of package express-validators are vulnerable to Regular Expression Denial of Service (ReDoS) when validating specifically-crafted invalid urls. | -- | Nov 12, 2020 | n/a |
CVE-2020-7766 | This affects all versions of package json-ptr. The issue occurs in the set operation (https://flitbit.github.io/json-ptr/classes/_src_pointer_.jsonpointer.htmlset) when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the key being set, leading to a prototype pollution. | HIGH | Nov 10, 2020 | n/a |
CVE-2020-7765 | This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program. | -- | Nov 16, 2020 | n/a |
CVE-2020-7764 | This affects the package find-my-way before 2.2.5, from 3.0.0 and before 3.0.5. It accepts the Accept-Version\' header by default, and if versioned routes are not being used, this could lead to a denial of service. Accept-Version can be used as an unkeyed header in a cache poisoning attack. | MEDIUM | Nov 9, 2020 | n/a |
CVE-2020-7763 | This affects the package phantom-html-to-pdf before 0.6.1. | -- | Nov 5, 2020 | n/a |
CVE-2020-7762 | This affects the package jsreport-chrome-pdf before 1.10.0. | -- | Nov 5, 2020 | n/a |
CVE-2020-7761 | This affects the package @absolunet/kafe before 3.2.10. It allows cause a denial of service when validating crafted invalid emails. | -- | Nov 5, 2020 | n/a |
CVE-2020-7760 | This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex is mainly due to the sub-pattern (s|/*.*?*/)* | MEDIUM | Oct 30, 2020 | n/a |
CVE-2020-7759 | The package pimcore/pimcore from 6.7.2 and before 6.8.3 are vulnerable to SQL Injection in data classification functionality in ClassificationstoreController. This can be exploited by sending a specifically-crafted input in the relationIds parameter as demonstrated by the following request: http://vulnerable.pimcore.example/admin/classificationstore/relations?relationIds=[{keyId%3a\'\',groupId%3a\'asd\'))+or+1%3d1+union+(select+1,2,3,4,5,6,name,8,password,\'\',11,12,\'\',14+from+users)+--+}] | MEDIUM | Oct 30, 2020 | n/a |
CVE-2020-7758 | This affects versions of package browserless-chrome before 1.40.2-chrome-stable. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server. | MEDIUM | Nov 3, 2020 | n/a |
CVE-2020-7757 | This affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droopy server. | -- | Nov 3, 2020 | n/a |
CVE-2020-7755 | All versions of package dat.gui are vulnerable to Regular Expression Denial of Service (ReDoS) via specifically crafted rgb and rgba values. | -- | Oct 27, 2020 | n/a |
CVE-2020-7754 | This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters. | MEDIUM | Oct 27, 2020 | n/a |
CVE-2020-7753 | All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim(). | MEDIUM | Oct 27, 2020 | n/a |
CVE-2020-7752 | This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl\'s parameters to overwrite Javascript files and then execute any OS commands. | MEDIUM | Oct 30, 2020 | n/a |
CVE-2020-7751 | pathval before version 1.1.1 is vulnerable to prototype pollution. | MEDIUM | Oct 26, 2020 | n/a |
CVE-2020-7750 | This affects the package scratch-svg-renderer before 0.2.0-prerelease.20201019174008. The loadString function does not escape SVG properly, which can be used to inject arbitrary elements into the DOM via the _transformMeasurements function. | -- | Oct 21, 2020 | n/a |
CVE-2020-7749 | This affects all versions of package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, it is possible for an attacker to inject arbitrary HTML/JS code and depending on the context. It will be outputted as an HTML on the page which gives opportunity for XSS or rendered on the server (puppeteer) which also gives opportunity for SSRF and Local File Read. | -- | Oct 20, 2020 | n/a |
CVE-2020-7748 | This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program. | MEDIUM | Oct 21, 2020 | n/a |
CVE-2020-7747 | This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller. | LOW | Oct 22, 2020 | n/a |
CVE-2020-7746 | This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options (or the defaults options) are deeply merged with provided options. However, during this operation, the keys of the object being set are not checked, leading to a prototype pollution. | MEDIUM | Oct 29, 2020 | n/a |
CVE-2020-7745 | This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners (advertisers) can remotely execute arbitrary code on a user device. | -- | Oct 19, 2020 | n/a |
CVE-2020-7744 | This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Docs links. 2. All apk downloads, either organic or not. Mintegral listens to download events in Android\'s download manager and detects if the downloaded file\'s url contains: a. google.com or comes from a Google app (the com.android.vending package) b. Ends with .apk for apk downloads In both cases, the module sends the captured data back to Mintegral\'s servers. Note that the malicious functionality keeps running even if the app is currently not in focus (running in the background). | -- | Oct 15, 2020 | n/a |
CVE-2020-7743 | The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates. | -- | Oct 13, 2020 | n/a |
CVE-2020-7742 | This affects the package simpl-schema before 1.10.2. | MEDIUM | Oct 7, 2020 | n/a |
CVE-2020-7741 | This affects the package hellojs before 1.18.6. The code get the param oauth_redirect from url and pass it to location.assign without any check and sanitisation. So we can simply pass some XSS payloads into the url param oauth_redirect, such as javascript:alert(1). | -- | Oct 6, 2020 | n/a |
CVE-2020-7740 | This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack. | -- | Oct 6, 2020 | n/a |
CVE-2020-7739 | This affects all versions of package phantomjs-seo. It is possible for an attacker to craft a url that will be passed to a PhantomJS instance allowing for an SSRF attack. | -- | Oct 6, 2020 | n/a |
CVE-2020-7738 | All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad(). | MEDIUM | Oct 6, 2020 | n/a |
CVE-2020-7737 | All versions of package safetydance are vulnerable to Prototype Pollution via the set function. | HIGH | Oct 9, 2020 | n/a |
CVE-2020-7736 | The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function. | HIGH | Oct 2, 2020 | n/a |
CVE-2020-7735 | The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option. | -- | Sep 25, 2020 | n/a |
CVE-2020-7734 | All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column. | -- | Sep 22, 2020 | n/a |
CVE-2020-7733 | The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA. | -- | Sep 16, 2020 | n/a |
CVE-2020-7731 | This affects all versions <0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures. | MEDIUM | May 9, 2021 | n/a |
CVE-2020-7730 | The package bestzip before 2.1.7 are vulnerable to Command Injection via the options param. | -- | Sep 4, 2020 | n/a |
CVE-2020-7729 | The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML. | -- | Sep 3, 2020 | n/a |
CVE-2020-7727 | All versions of package gedi are vulnerable to Prototype Pollution via the set function. | HIGH | Sep 2, 2020 | n/a |