Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mpath Security Vulnerabilities

cve
cve

CVE-2021-23438

This affects the package mpath before 0.8.4. A type confusion vulnerability can lead to a bypass of CVE-2018-16490. In particular, the condition ignoreProperties.indexOf(parts[i]) !== -1 returns -1 if parts[i] is ['proto']. This is because the method that has been called if the input is an array...

9.8CVSS

7.4AI Score

0.004EPSS

2021-09-01 07:15 PM
41
cve
cve

CVE-2018-16490

A prototype pollution vulnerability was found in module mpath <0.5.1 that allows an attacker to inject arbitrary properties onto...

7.5CVSS

7.7AI Score

0.001EPSS

2019-02-01 06:29 PM
48