CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2020-35635
https://notcve.org/view.php?id=CVE-2020-35635
A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. ... Un archivo malformado especialmente diseñado puede conllevar a una lectura fuera de límites y una confusión de tipo, lo que podría conllevar a una ejecución de código. • https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html https://security.gentoo.org/glsa/202305-34 https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225 • CWE-129: Improper Validation of Array Index •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 2CVE-2021-23434 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2021-23434
A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. ... This is because the === operator returns always false when the type of the operands is different. ... Una vulnerabilidad de confusión de tipo puede conllevar a una omisión de CVE-2020-15256 cuando los componentes de la ruta usados en el parámetro path son arrays. ... A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. ... This is because the === operator returns always false when the type of the operands is different. • https://github.com/mariocasciaro/object-path%230116 https://github.com/mariocasciaro/object-path/commit/7bdf4abefd102d16c163d633e8994ef154cab9eb https://lists.debian.org/debian-lts-announce/2023/01/msg00031.html https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1570423 https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453 https://access.redhat.com/security/cve/CVE-2021-23434 https://bugzilla.redhat.com/show_bug.cgi?id=1999810 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-30599
https://notcve.org/view.php?id=CVE-2021-30599
Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 92.0.4515.159, permitió a un atacante remoto ejecutar código arbitrario dentro de un sandbox por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop.html https://crbug.com/1234770 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-30598
https://notcve.org/view.php?id=CVE-2021-30598
Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 92.0.4515.159, permitió a un atacante remoto ejecutar código arbitrario dentro de un sandbox por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2021/08/stable-channel-update-for-desktop.html https://crbug.com/1234764 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LVY4WIWTVVYKQMROJJS365TZBKEARCF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPJPUSAWIJMQFBQQQYXAICLI4EKFQOH6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QW4R2K5HVJ4R6XDZYOJCCFPIN2XHNS3L • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-31008
https://notcve.org/view.php?id=CVE-2021-31008
A type confusion issue was addressed with improved memory handling. ... Se ha solucionado un problema de confusión de tipos con un mejor manejo de la memoria. • https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212869 https://support.apple.com/en-us/HT212874 https://support.apple.com/en-us/HT212875 https://support.apple.com/en-us/HT212876 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •