| Max CVSS | 6.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-10744 | 6.4 |
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
|
21-01-2024 - 02:45 | 26-07-2019 - 00:15 | |
| CVE-2020-11022 | 4.3 |
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
|
31-08-2023 - 03:15 | 29-04-2020 - 22:15 | |
| CVE-2020-12459 | 2.1 |
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
|
26-04-2022 - 17:45 | 29-04-2020 - 16:15 | |
| CVE-2020-7598 | 6.8 |
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
|
22-04-2022 - 19:02 | 11-03-2020 - 23:15 | |
| CVE-2020-11022 | 4.3 |
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
|
25-09-2020 - 20:15 | 29-04-2020 - 22:15 |