Type confusion in mpath

🗓️ 02 Sep 2021 22:25:02Reported by GitHub Advisory DatabaseType

Type confusion vulnerability in mpath before 0.8.

Reporter	Title	Published	Views	Family All 22
OSV	Type confusion in mpath	2 Sep 202122:02	–	osv
OSV	CVE-2021-23438	1 Sep 202119:15	–	osv
OSV	Prototype Pollution in mpath	7 Feb 201918:17	–	osv
RedhatCVE	CVE-2021-23438	3 Sep 202113:39	–	redhatcve
RedhatCVE	CVE-2018-16490	4 Feb 201920:49	–	redhatcve
Cvelist	CVE-2021-23438 Prototype Pollution	1 Sep 202118:20	–	cvelist
Cvelist	CVE-2018-16490	1 Feb 201918:00	–	cvelist
NVD	CVE-2021-23438	1 Sep 202119:15	–	nvd
NVD	CVE-2018-16490	1 Feb 201918:29	–	nvd
CVE	CVE-2021-23438	1 Sep 202119:15	–	cve

Vulners

Node

mpath_project mpathRange<0.8.4

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-23438
github	www.github.com/aheckmann/mpath/commit/89402d2880d4ea3518480a8c9847c541f2d824fc
snyk	www.snyk.io/vuln/SNYK-JS-MPATH-1577289
snyk	www.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1579548
github	www.github.com/mongoosejs/mpath/commit/89402d2880d4ea3518480a8c9847c541f2d824fc
github	www.github.com/advisories/GHSA-p92x-r36w-9395

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Sep 2021 22:02Current

7.9High risk

Vulners AI Score7.9

CVSS27.5

CVSS35.6 - 9.8

EPSS0.00186

CWE-843