Lucene search
GoogleOSV:GHSA-C429-5P7V-VGJPHistorySep 25, 2022 - 12:00 a.m.
hoek subject to prototype pollution via the clone function.
2022-09-2500:00:27
Google
osv.dev
13
hoek
clone function
prototype pollution
vulnerability
software
version 8.5.1
version 9.0.3
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
60.5%
hoek versions prior to 8.5.1, and 9.x prior to 9.0.3 are vulnerable to prototype pollution in the clone function. If an object with the proto key is passed to clone() the key is converted to a prototype. This issue has been patched in version 9.0.3, and backported to 8.5.1.
Related
prion
prion
Design/Logic Flaw
2022-09-23 06:15:00
cvelist
cvelist
CVE-2020-36604
2022-09-23 05:28:11
github
github
hoek subject to prototype pollution via the clone function.
2022-09-25 00:00:27
redhatcve
redhatcve
CVE-2020-36604
2022-09-26 10:18:57
nvd
nvd
CVE-2020-36604
2022-09-23 06:15:08
cgr
cgr
CVE-2020-36604 vulnerabilities
2024-05-19 03:07:16
veracode
veracode
Prototype Pollution
2022-09-30 07:47:05
debiancve
debiancve
CVE-2020-36604
2022-09-23 06:15:08
osv
osv
CGA-659h-6c6w-34c8
2024-06-06 12:24:26
CVE-2020-36604
2022-09-23 06:15:08
CGA-gx4m-962g-vxjh
2024-06-06 12:27:34
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-03-30 15:19:31
cve
cve
CVE-2020-36604
2022-09-23 06:15:08
ubuntucve
ubuntucve
CVE-2020-36604
2022-09-23 00:00:00
wolfi
wolfi
CVE-2020-36604 vulnerabilities
2024-09-28 16:03:05
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
60.5%
Related for OSV:GHSA-C429-5P7V-VGJP