Lucene search
MitreCVELIST:CVE-2019-20149HistoryDec 30, 2019 - 6:25 p.m.
CVE-2019-20149
2019-12-3018:25:10
mitre
www.cve.org
ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by ‘constructor’: {‘name’:‘Symbol’}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
Related
ubuntucve
ubuntucve
CVE-2019-20149
2019-12-30 00:00:00
githubexploit
githubexploit
Exploit for Exposure of Resource to Wrong Sphere in Kind-Of Project Kind-Of
2020-12-01 09:18:58
redhatcve
redhatcve
CVE-2019-20149
2021-05-13 05:51:53
veracode
veracode
Prototype Pollution
2019-12-17 02:47:19
osv
osv
CVE-2019-20149
2019-12-30 19:15:11
Validation Bypass in kind-of
2020-03-31 15:59:54
nvd
nvd
CVE-2019-20149
2019-12-30 19:15:11
debiancve
debiancve
CVE-2019-20149
2019-12-30 19:15:11
github
github
Validation Bypass in kind-of
2020-03-31 15:59:54
prion
prion
Design/Logic Flaw
2019-12-30 19:15:00
nessus
nessus
RHEL 8 : nodejs-kind-of (Unpatched Vulnerability)
2024-05-11 00:00:00
Splunk Enterprise < 8.1.14, 8.2.0 < 8.2.11, 9.0.0 < 9.0.5 (SVD-2023-0613)
2024-05-02 00:00:00
cve
cve
CVE-2019-20149
2019-12-30 19:15:11
ibm
ibm
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
2023-08-01 14:54:42
Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.
2021-03-29 21:46:36
Security Bulletin: OSS security Scan issues for Concerto installer.
2020-12-08 06:37:17
redhat
redhat