Tarteaucitronjs

5 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-22809 MEDIUM PATCH This Month

Tarteaucitronjs versions up to 1.29.0 is affected by inefficient regular expression complexity (redos) (CVSS 4.4).

Denial Of Service Tarteaucitronjs
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-48939 MEDIUM POC PATCH This Month

A security vulnerability in tarteaucitron.js (CVSS 4.2). Risk factors: public PoC available. Vendor patch is available.

Code Injection Tarteaucitronjs
NVD GitHub
CVSS 3.1
4.2
EPSS
0.0%
CVE-2025-31476 MEDIUM PATCH Monitor

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Information Disclosure XSS Tarteaucitronjs Tacjs
NVD GitHub
CVSS 3.1
4.8
EPSS
0.2%
CVE-2025-31475 MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. This Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) vulnerability could allow attackers to modify object prototypes to inject properties affecting application logic.

Prototype Pollution RCE Tarteaucitronjs
NVD GitHub
CVSS 3.1
5.5
EPSS
1.3%
CVE-2025-31138 MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

XSS Tarteaucitronjs
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2026-22809
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Tarteaucitronjs versions up to 1.29.0 is affected by inefficient regular expression complexity (redos) (CVSS 4.4).

Denial Of Service Tarteaucitronjs
NVD GitHub
CVE-2025-48939
EPSS 0% CVSS 4.2
MEDIUM POC PATCH This Month

A security vulnerability in tarteaucitron.js (CVSS 4.2). Risk factors: public PoC available. Vendor patch is available.

Code Injection Tarteaucitronjs
NVD GitHub
CVE-2025-31476
EPSS 0% CVSS 4.8
MEDIUM PATCH Monitor

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Information Disclosure XSS Tarteaucitronjs +1
NVD GitHub
CVE-2025-31475
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. This Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) vulnerability could allow attackers to modify object prototypes to inject properties affecting application logic.

Prototype Pollution RCE Tarteaucitronjs
NVD GitHub
CVE-2025-31138
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

tarteaucitron.js is a compliant and accessible cookie banner. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

XSS Tarteaucitronjs
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy