CVSS: 9.8EPSS: 17%CPEs: 1EXPL: 2CVE-2021-23807 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2021-23807
A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays. ... Una vulnerabilidad de confusión de tipo puede conllevar a una omisión de una corrección anterior de Contaminación de Prototipos cuando los componentes de los punteros son matrices • https://github.com/janl/node-jsonpointer/commit/a0345f3550cd9c4d89f33b126390202b89510ad4 https://github.com/janl/node-jsonpointer/pull/51 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910273 https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577288 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23624 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2021-23624
A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays. ... Una vulnerabilidad de confusión de tipo puede conllevar a una omisión de CVE-2021-25912 cuando las claves proporcionadas por el usuario usadas en el parámetro path son matrices • https://github.com/deoxxa/dotty/commit/88f61860dcc274a07a263c32cbe9d44c24ef02d7 https://snyk.io/vuln/SNYK-JS-DOTTY-1577292 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 8%CPEs: 1EXPL: 2CVE-2021-23820 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2021-23820
A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays. ... Una vulnerabilidad de confusión de tipo puede conllevar a una omisión de CVE-2020-7709 cuando los componentes del puntero son matrices • https://github.com/manuelstofer/json-pointer/blob/master/index.js%23L78 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910686 https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577287 https://access.redhat.com/security/cve/CVE-2021-23820 https://bugzilla.redhat.com/show_bug.cgi?id=2020369 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-30818 – webkitgtk: Type confusion issue leading to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30818
A type confusion issue was addressed with improved state handling. ... Se abordó un problema de confusión de tipos con el manejo del estado mejorado. ... El procesamiento de contenido web diseñado de forma maliciosa puede conllevar a una ejecución de código arbitrario A confusion type flaw was found in WebKitGTK. • http://www.openwall.com/lists/oss-security/2021/12/20/6 https://support.apple.com/en-us/HT212807 https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212815 https://support.apple.com/en-us/HT212816 https://support.apple.com/en-us/HT212819 https://support.apple.com/kb/HT212869 https://access.redhat.com/security/cve/CVE-2021-30818 https://bugzilla.redhat.com/show_bug.cgi?id=2034368 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0870 – Android NFC Type Confusion
https://notcve.org/view.php?id=CVE-2021-0870
Producto: Android, Versiones: Android-9 Android-10 Android-11 Android-8.1, ID de Android: A-192472262 Android NFC suffers from a type confusion vulnerability due to a race condition during a tag type change. • http://packetstormsecurity.com/files/164704/Android-NFC-Type-Confusion.html https://source.android.com/security/bulletin/2021-10-01 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •