A vulnerability classified as critical was found in ZRender up to 5.2.0. Affected by this vulnerability is the function merge/clone of the file src/core/util.ts. Upgrading to version 5.2.1 eliminates this vulnerability. The upgrade is hosted for download at github.com. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
ZRender up to 5.2.0 src/core/util.ts merge/clone code injection
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2024-11820 : CODE-PROJECTS CRUD OPERATION SYSTEM 1.0 /ADD.PHP SADDRESS CROSS SITE SCRIPTING
Description A vulnerability, which was classified as problematic, has been found in code-projects Crud Operation System 1.0. This issue affects
CVE-2024-52336 : RED HAT FAST DATAPATH FOR RHEL/ENTERPRISE LINUX D-BUS INSTANCE_CREATE CROSS SITE SCRIPTING
Description A script injection vulnerability was identified in the Tuned package. The `instance_create()` D-Bus function can be called by locally
CVE-2024-36463 : ZABBIX UP TO 5.0.42/6.0.32/6.4.17/7.0.2 ACCESS TO CRITICAL PRIVATE VARIABLE VIA PUBLIC METHOD
Description The implementation of atob in “Zabbix JS” allows to create a string with arbitrary content and use it to