Lucene search
PRIOn knowledge basePRION:CVE-2020-5259HistoryMar 10, 2020 - 6:15 p.m.
Code injection
2020-03-1018:15:00
PRIOn knowledge base
www.prio-n.com
5
In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2
Related
osv
osv
CVE-2020-5259
2020-03-10 18:15:12
Prototype Pollution in Dojox
2020-03-10 18:03:32
dojo - security update
2020-03-11 00:00:00
veracode
veracode
Prototype Pollution
2020-03-11 03:56:26
github
github
Prototype Pollution in Dojox
2020-03-10 18:03:32
nvd
nvd
CVE-2020-5259
2020-03-10 18:15:12
cve
cve
CVE-2020-5259
2020-03-10 18:15:12
cvelist
cvelist
CVE-2020-5259 Prototype Pollution in Dojox
2020-03-10 17:50:14
ubuntucve
ubuntucve
CVE-2020-5259
2020-03-10 00:00:00
debiancve
debiancve
CVE-2020-5259
2020-03-10 18:15:12
ibm
ibm
openvas
openvas
Debian: Security Advisory (DLA-2139-1)
2020-03-18 00:00:00
Mageia: Security Advisory (MGASA-2020-0232)
2022-01-28 00:00:00
nessus
nessus
Debian DLA-2139-1 : dojo security update
2020-03-12 00:00:00
mageia
mageia
Updated dojo packages fix security vulnerability
2020-05-27 12:52:46
debian
debian
[SECURITY] [DLA 2139-1] dojo security update
2020-03-11 19:14:41