EUVD-2022-1577

Malicious code in bioql PyPI...

Prototype Pollution in libnested

The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. Note: This vulnerability derives from an incomplete fix for CVE-2020-28283...

GHSA-X5M8-2R8V-8F97 Prototype Pollution in libnested

The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. Note: This vulnerability derives from an incomplete fix for CVE-2020-28283...

CVE-2020-28283

creationtimestamp| type| source ---|---|--- 2022-03-17 15:21:36+00:00| seen| https://t.me/cibsecurity/39135...

CVE-2022-25352

The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. Note: This vulnerability derives from an incomplete fix for CVE-2020-28283...

Design/Logic Flaw

The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. Note: This vulnerability derives from an incomplete fix for CVE-2020-28283...

CVE-2022-25352 Prototype Pollution

The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. Note: This vulnerability derives from an incomplete fix for CVE-2020-28283...

CVE-2020-28283

CVE-2020-28283 affects the libnested package; versions before 1.5.2 are vulnerable to Prototype Pollution through the set function in index.js, enabling denial of service and potentially remote code execution. The issue stems from an incomplete fix and is addressed by upgrading libnested to 1.5.2...

CVE-2020-28283

Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution...