Skip to main content

Tarteaucitronjs

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-22809 npm MEDIUM PATCH This Month

Tarteaucitronjs versions up to 1.29.0 is affected by inefficient regular expression complexity (redos) (CVSS 4.4).

Denial Of Service Tarteaucitronjs
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-48939 npm MEDIUM POC PATCH This Month

A security vulnerability in tarteaucitron.js (CVSS 4.2). Risk factors: public PoC available. Vendor patch is available.

Code Injection Tarteaucitronjs
NVD GitHub
CVSS 3.1
4.2
EPSS
0.0%
CVE-2025-31476 LIB MEDIUM PATCH Monitor

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Information Disclosure XSS Tarteaucitronjs Tacjs
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-31475 npm MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. This Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) vulnerability could allow attackers to modify object prototypes to inject properties affecting application logic.

Prototype Pollution RCE Tarteaucitronjs
NVD GitHub
CVSS 3.1
5.5
EPSS
1.3%
CVE-2025-31138 npm MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

XSS Tarteaucitronjs
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2026-22809 npm
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Tarteaucitronjs versions up to 1.29.0 is affected by inefficient regular expression complexity (redos) (CVSS 4.4).

Denial Of Service Tarteaucitronjs
NVD GitHub
CVE-2025-48939 npm
EPSS 0% CVSS 4.2
MEDIUM POC PATCH This Month

A security vulnerability in tarteaucitron.js (CVSS 4.2). Risk factors: public PoC available. Vendor patch is available.

Code Injection Tarteaucitronjs
NVD GitHub
CVE-2025-31476 LIB
EPSS 0% CVSS 4.8
MEDIUM PATCH Monitor

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Information Disclosure XSS Tarteaucitronjs +1
NVD GitHub
CVE-2025-31475 npm
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. This Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) vulnerability could allow attackers to modify object prototypes to inject properties affecting application logic.

Prototype Pollution RCE Tarteaucitronjs
NVD GitHub
CVE-2025-31138 npm
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

XSS Tarteaucitronjs
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy