Skip to main content

Querymen

2 CVEs product

Monthly

CVE-2022-25871 npm HIGH POC This Week

All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Querymen
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-7600 npm MEDIUM POC PATCH This Month

querymen prior to 2.1.4 allows modification of object properties. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Querymen
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
EPSS 1% CVSS 7.5
HIGH POC This Week

All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Querymen
NVD
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

querymen prior to 2.1.4 allows modification of object properties. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Querymen
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy