Lucene search
GoogleOSV:GHSA-67MQ-H2R9-RH2MHistoryApr 13, 2021 - 3:23 p.m.
Prototype pollution in multi-ini
2021-04-1315:23:41
Google
osv.dev
7
0.006 Low
EPSS
Percentile
78.7%
This affects the package multi-ini before 2.1.2. It is possible to pollute an object’s prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448.
Related
cvelist
cvelist
CVE-2020-28460 Prototype Pollution
2020-12-22 00:00:00
CVE-2020-28448 Prototype Pollution
2020-12-22 00:00:00
cve
cve
CVE-2020-28460
2020-12-22 13:15:12
CVE-2020-28448
2020-12-22 13:15:12
prion
prion
Type confusion
2020-12-22 13:15:00
Code injection
2020-12-22 13:15:00
nvd
nvd
CVE-2020-28460
2020-12-22 13:15:12
CVE-2020-28448
2020-12-22 13:15:12
github
github
Prototype pollution in multi-ini
2021-04-13 15:23:41
Prototype Pollution in multi-ini
2021-04-13 15:23:59
veracode
veracode
Prototype Pollution
2020-12-23 02:13:52
Prototype Pollution
2020-12-23 05:29:42
osv
osv
CVE-2020-28460
2020-12-22 13:15:12
Prototype Pollution in multi-ini
2021-04-13 15:23:59
huntr
huntr
Prototype Pollution in evangelion1204/multi-ini
2020-12-14 00:00:00