Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation dojo vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-5259
In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to ...
Linuxfoundation Dojox
4.3
CVSSv2
CVE-2019-10785
dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them.
Linuxfoundation Dojox
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2021-23450
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.
Linuxfoundation Dojo
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
Oracle Communications Policy Management 12.6.0.0.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-5258
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes t...
Linuxfoundation Dojo
Debian Debian Linux 8.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Mysql
Oracle Primavera Unifier 20.12
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Documaker
Oracle Communications Application Session Controller 3.9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started