CVE-2019-10805
N/A
N/A
Summary
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | valib | All versions including 2.0.0 | affected |
Weaknesses
- Internal Property Tampering
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.