6 matches found
EUVD-2023-1644
Malicious code in bioql PyPI...
CVE-2023-30857
@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version 0.6.1, there is a possible prototype pollution issue for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The...
GHSA-WWXH-74FX-33C6 Possible prototype pollution in metadata record, when using meta decorator
Impact Possible prototype pollution for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The likelihood is questionable, given that a class' metadata can only be set or altered when the class is decorated via meta. Furthermore...
CVE-2023-30857 @aedart/support possibly vulnerable to prototype pollution in metadata record, when using meta decorator
@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version 0.6.1, there is a possible prototype pollution issue for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The...
PT-2023-23013 · Unknown · @Aedart/Support
Name of the Vulnerable Software and Affected Versions: @aedart/support versions prior to 0.6.1 Description: The issue concerns a possible prototype pollution for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The likelihood ...
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version 0.6.1, there is a possible prototype pollution issue for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The...