Security
Headlines

Headlines Latest CVEs

Headline

GHSA-67j4-2mh6-8627: json-logic-js Command Injection vulnerability

A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is c1dd82f5b15d8a553bb7a0cfa841ab8a11a9c227. It is recommended to upgrade the affected component. VDB-222266 is the identifier assigned to this vulnerability.

1 year ago

#vulnerability #js #git

json-logic-js Command Injection vulnerability

Moderate severity GitHub Reviewed Published Mar 5, 2023 to the GitHub Advisory Database • Updated Mar 7, 2023

Related news

A vulnerability, which was classified as critical, has been found in json-logic-js 2.0.0. Affected by this issue is some unknown functionality of the file logic.js. The manipulation leads to command injection. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is c1dd82f5b15d8a553bb7a0cfa841ab8a11a9c227. It is recommended to upgrade the affected component. VDB-222266 is the identifier assigned to this vulnerability.

1 year ago

#vulnerability #js

ghsa: Latest News

GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP

1 day ago

GHSA-j5vv-6wjg-cfr8: changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal

1 day ago

GHSA-w95c-7994-ghpr: TCPDF has incorrect comparison

2 days ago

GHSA-qx95-cwh6-9mvq: TCPDF missing character escape on error messages

2 days ago

GHSA-9mgx-552f-59p6: TCPDF missing certificate validation

2 days ago