Lucene search
GoogleOSV:CVE-2021-28860HistoryMay 03, 2021 - 12:15 p.m.
CVE-2021-28860
2021-05-0312:15:07
Google
osv.dev
6
node.js
mixme
vulnerability
mutate
merge
denial of service
software
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via ‘proto’ through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of service (DoS).
Related
cve
cve
CVE-2021-29491
2021-05-06 13:15:12
CVE-2021-28860
2021-05-03 12:15:07
osv
osv
Prototype Pollution in mixme
2022-02-10 23:52:01
Use of Potentially Dangerous Function in mixme
2021-05-06 15:45:39
nvd
nvd
CVE-2021-29491
2021-05-06 13:15:12
CVE-2021-28860
2021-05-03 12:15:07
github
github
Prototype Pollution in mixme
2022-02-10 23:52:01
Use of Potentially Dangerous Function in mixme
2021-05-06 15:45:39
veracode
veracode
Prototype Pollution
2022-02-11 09:22:03
prion
prion
Design/Logic Flaw
2021-05-03 12:15:00
cvelist
cvelist
CVE-2021-28860
2021-05-03 11:48:33
CVE-2021-29491
2021-05-06 12:51:37
nodejs
nodejs
Prototype Pollution
2021-05-06 15:47:15