Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2019-10798
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.003
EPSS Ranking
56.3%
CVSS Severity
CVSS v3 Score
5.3
CVSS v2 Score
5.0
References
https://github.com/rdf-ext-archive/rdf-graph-array/blob/master/index.js#L211
https://snyk.io/vuln/SNYK-JS-RDFGRAPHARRAY-551803
https://github.com/rdf-ext-archive/rdf-graph-array/blob/master/index.js#L211
https://snyk.io/vuln/SNYK-JS-RDFGRAPHARRAY-551803
Products affected by CVE-2019-10798
Rdf-Graph-Array Project
»
Rdf-Graph-Array
»
Version:
0.3.0
cpe:2.3:a:rdf-graph-array_project:rdf-graph-array:0.3.0
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved