7 matches found
CVE-2022-25862
creationtimestamp| type| source ---|---|--- 2022-05-14 00:27:22+00:00| seen| https://t.me/cibsecurity/42696...
colorcat (>=0.0.2 <=0.2.10), karg (=0.1.2) +10 more potentially affected by CVE-2020-7618 +1 more via sds (>=1.14.1 <=4.4.0)
sds NPM version =1.14.1, =0.0.2, =0.2.2, =0.55.1, =1.0.0, =0.0.1, =0.1.1, =0.0.1, =1.0.3, =0.4.16, =0.1.1, =1.0.1, =1.0.2 Source cves: CVE-2020-7618, CVE-2022-25862 Source advisory: OSV:GHSA-PH28-WWFJ-FV7F...
CVE-2022-25862
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...
CVE-2022-25862 Prototype Pollution
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...
CVE-2022-25862
The CVE-2022-25862 entry concerns the npm package sds, affected from version 0.0.0 onward. The vulnerability is a prototype pollution flaw caused by the set function in js/set.js, which can allow an attacker to add or modify properties on Object.prototype. This defect stems from an incomplete fix...
CVE-2022-25862
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...
colorcat (>=0.0.2 <=0.2.10), karg (=0.1.2) +10 more potentially affected by CVE-2020-7618 +1 more via sds (>=1.14.1 <=4.4.0)
sds NPM version =1.14.1, =0.0.2, =0.2.2, =0.55.1, =1.0.0, =0.0.1, =0.1.1, =0.0.1, =1.0.3, =0.4.16, =0.1.1, =1.0.1, =1.0.2 Source cves: CVE-2020-7618, CVE-2022-25862 Source advisory: SNYK:JS-SDS-2385944...