Lucene search
GitHub Advisory DatabaseGHSA-67MQ-H2R9-RH2MHistoryApr 13, 2021 - 3:23 p.m.
Prototype pollution in multi-ini
2021-04-1315:23:41
CWE-1321
GitHub Advisory Database
github.com
25
0.004 Low
EPSS
Percentile
74.7%
This affects the package multi-ini before 2.1.2. It is possible to pollute an object’s prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448.
Related
veracode
veracode
Prototype Pollution
2020-12-23 02:13:52
Prototype Pollution
2020-12-23 05:29:42
osv
osv
CVE-2020-28460
2020-12-22 13:15:12
Prototype pollution in multi-ini
2021-04-13 15:23:41
Prototype Pollution in multi-ini
2021-04-13 15:23:59
prion
prion
Type confusion
2020-12-22 13:15:00
Code injection
2020-12-22 13:15:00
cve
cve
CVE-2020-28460
2020-12-22 13:15:00
CVE-2020-28448
2020-12-22 13:15:00
cvelist
cvelist
CVE-2020-28460 Prototype Pollution
2020-12-22 00:00:00
CVE-2020-28448 Prototype Pollution
2020-12-22 00:00:00
github
github
Prototype Pollution in multi-ini
2021-04-13 15:23:59
huntr
huntr
Prototype Pollution in evangelion1204/multi-ini
2020-12-14 00:00:00