Skip to main content
CVE-2023-30857 LOW PATCH Monitor

@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. This Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) vulnerability could allow attackers to modify object prototypes to inject properties affecting application logic.

Information Disclosure Prototype Pollution Ion
NVD GitHub
CVSS 3.1
3.7
EPSS
0.5%
CVE-2023-28473 LOW PATCH Monitor

Concrete CMS (previously concrete5) versions 8.5.12 and below, and 9.0 through 9.1.3 is vulnerable to possible Auth bypass in the jobs section. Rated low severity (CVSS 3.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Concrete Cms
NVD
CVSS 3.1
3.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy