CVE-2022-25948

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-25948
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25948.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-25948
Aliases
Published
2022-12-22T05:15:10Z
Modified
2025-01-08T14:09:53.316253Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

The package liquidjs before 10.0.0 are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Workaround For versions 9.34.0 and higher, an option to disable this functionality is provided.

References

Affected packages

Git / github.com/harttle/liquidjs

Affected ranges

Type
GIT
Repo
https://github.com/harttle/liquidjs
Events

Affected versions

v1.*

v1.2.0
v1.3.3
v1.4.1
v1.4.2
v1.4.3
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.5.4
v1.6.0
v1.6.1
v1.6.2
v1.7.0
v1.7.1
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.7.7
v1.7.8
v1.7.9
v1.8.0
v1.9.0
v1.9.1
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6
v1.9.7

v2.*

v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.2.0
v2.2.1

v3.*

v3.0.0
v3.1.0
v3.1.1
v3.1.2
v3.1.3

v4.*

v4.0.0

v5.*

v5.0.0
v5.0.1
v5.0.2
v5.1.0
v5.1.1
v5.2.0
v5.3.0-0

v6.*

v6.0.0
v6.0.1
v6.1.1
v6.2.0
v6.2.1
v6.3.0
v6.3.1
v6.4.0
v6.4.1
v6.4.2
v6.4.3

v7.*

v7.0.0
v7.0.1
v7.0.2
v7.1.0
v7.2.0
v7.2.1
v7.2.2
v7.3.0
v7.3.1
v7.4.0
v7.5.0
v7.5.1

v8.*

v8.0.0
v8.0.1
v8.0.2
v8.0.3
v8.1.0
v8.2.0
v8.2.1
v8.2.2
v8.2.3
v8.2.4
v8.3.0
v8.4.0
v8.4.1
v8.5.0
v8.5.1
v8.5.2
v8.5.3

v9.*

v9.0.0
v9.0.1
v9.1.0
v9.1.1
v9.10.0
v9.11.0
v9.11.1
v9.11.10
v9.11.11
v9.11.2
v9.11.3
v9.11.4
v9.11.5
v9.11.6
v9.11.7
v9.11.8
v9.11.9
v9.12.0
v9.13.0
v9.14.0
v9.14.1
v9.15.0
v9.15.1
v9.16.0
v9.16.1
v9.17.0
v9.18.0
v9.19.0
v9.2.0
v9.20.0
v9.20.1
v9.21.0
v9.22.0
v9.22.1
v9.23.0
v9.23.1
v9.23.2
v9.23.3
v9.23.4
v9.24.0
v9.24.1
v9.24.2
v9.25.0
v9.25.1
v9.26.0
v9.27.0
v9.27.1
v9.28.0
v9.28.1
v9.28.2
v9.28.3
v9.28.4
v9.28.5
v9.28.6
v9.29.0
v9.3.0
v9.3.1
v9.30.0
v9.31.0
v9.32.0
v9.32.1
v9.33.0
v9.33.1
v9.4.0
v9.4.1
v9.4.2
v9.5.0
v9.6.0
v9.6.1
v9.6.2
v9.7.0
v9.7.1
v9.7.2
v9.8.0
v9.9.0