6 matches found
EUVD-2022-1546
Malicious code in bioql PyPI...
Prototype Pollution in bodymen
The package bodymen from 0.0.0 is vulnerable to Prototype Pollution via the handler function, which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. Note: This vulnerability derives from an incomplete fix to CVE-2019-10792...
CVE-2019-10792
creationtimestamp| type| source
---|---|---
2022-03-17 15:21:39+00:00| seen| https://t.me/cibsecurity/39138...
Design/Logic Flaw
The package bodymen from 0.0.0 is vulnerable to Prototype Pollution via the handler function, which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. Note: This vulnerability derives from an incomplete fix to CVE-2019-10792...
CVE-2022-25296
The CVE-2022-25296 entry concerns the npm package bodymen. Multiple trusted sources (GHSA and OSV entries) describe a Prototype Pollution flaw in bodymen, where the handler can be tricked into adding or modifying properties on Object.prototype via a __proto__ payload. The vulnerability is tied to an ...
CVE-2019-10792
CVE-2019-10792 affects bodymen prior to 1.1.1, with a Prototype Pollution flaw in the handler that can be triggered by a __proto__ payload to add/modify properties on Object.prototype. Related advisories reiterate the issue as a patch being incomplete in some fixes, leading to follow-on disclosures (...