5 matches found
CVE-2024-29650
An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe components...
CVE-2024-29650
An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe components...
CVE-2024-29650
An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe components...
CVE-2024-29650
An issue in @thi.ng/paths v.5.1.62 and before allows a remote attacker to execute arbitrary code via the mutIn and mutInManyUnsafe components...
Prototype Pollution in thi-ng/umbrella
Description @thi.ng/paths is vulnerable to Prototype Pollution. The vulnerability is due to an incomplete fix. mutIn function does not have fix implemented. Proof of Concept 1. Create the following PoC file: javascript // poc.js const paths = require'@thi.ng/paths' console.log"Before: ", .pollute...