Lucene search
K

CVE-2022-25645 Prototype Pollution

🗓️ 01 May 2022 15:30:39Reported by snykType 
cvelist
 cvelist
🔗 www.cve.org👁 33 Views

All versions of package dset are vulnerable to Prototype Pollution via 'dset/merge' mode. Crafting a malicious object can bypass the validation check and achieve prototype pollution

Related
Affected
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-25645
1 May 202215:25
attackerkb
CNNVD
Lukeed Dset 安全漏洞
1 May 202200:00
cnnvd
CVE
CVE-2022-25645
1 May 202215:30
cve
IBM Security Bulletins
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to arbitrary code execution due to CVE-2022-25645
28 Apr 202211:30
ibm
EUVD
EUVD-2022-1897
3 Oct 202520:07
euvd
Github Security Blog
Prototype Pollution in dset
3 May 202200:00
github
NVD
CVE-2022-25645
1 May 202216:15
nvd
OSV
CVE-2022-25645
1 May 202216:15
osv
OSV
GHSA-23WX-CGXQ-VPWX Prototype Pollution in dset
3 May 202200:00
osv
Prion
Design/Logic Flaw
1 May 202216:15
prion
Rows per page
[
  {
    "vendor": "n/a",
    "product": "dset",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

12 Sep 2023 07:06Current
8.3High risk
Vulners AI Score8.3
CVSS 3.16.5
EPSS0.0176
33