Lucene search
Redhat.comRH:CVE-2018-3728HistoryApr 01, 2020 - 2:12 a.m.
CVE-2018-3728
2020-04-0102:12:07
redhat.com
access.redhat.com
12
0.01 Low
EPSS
Percentile
83.9%
hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via ‘merge’ and ‘applyToDefaults’ functions, which allows a malicious user to modify the prototype of “Object” via proto, causing the addition or modification of an existing property that will exist on all objects.
Related
hackerone
hackerone
Node.js third-party modules: Prototype pollution attack (Hoek)
2018-01-30 06:24:55
ubuntucve
ubuntucve
CVE-2018-3728
2018-03-30 00:00:00
debiancve
debiancve
CVE-2018-3728
2018-03-30 19:29:00
nessus
nessus
RHEL 8 : hoek (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : nodejs-hoek (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : Red Hat Mobile Application Platform 4.6.0 (RHSA-2018:1263)
2018-05-04 00:00:00
cve
cve
CVE-2018-3728
2018-03-30 19:29:00
osv
osv
Prototype Pollution in hoek
2018-04-26 15:25:17
CVE-2018-3728
2018-03-30 19:29:00
prion
prion
Code injection
2018-03-30 19:29:00
cvelist
cvelist
CVE-2018-3728
2018-03-30 19:00:00
nvd
nvd
CVE-2018-3728
2018-03-30 19:29:00
ibm
ibm
veracode
veracode
Prototype Pollution
2018-02-15 05:41:21
nodejs
nodejs
Prototype Pollution
2018-04-20 21:25:58
github
github
Prototype Pollution in hoek
2018-04-26 15:25:17
redhat
redhat