Filtered by vendor Sideralis
Subscriptions
Filtered by product Valib.js
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-10805 | 1 Sideralis | 1 Valib.js | 2024-11-21 | 7.5 High |
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks. |
Page 1 of 1.