14 matches found
CVE-2020-7638
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
EUVD-2020-0386
Malware in sbrugna...
confinit vulnerable to prototype pollution
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
GHSA-JGPQ-G82G-6C39 confinit vulnerable to prototype pollution
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
Prototype Pollution
confinit is vulnerable to prototype pollution. The vulnerability exists because the function setDeepProperty allows the manipulation of properties of Object.prototype as it accepts the proto payload...
Prototype Pollution
confinit is vulnerable Prototype Pollution. The vulnerability exists because the function setDeepProperty allows the manipulation of properties of Object.prototype as it accepts proto payload...
Confinit Input Validation Error Vulnerability
confinit is an application configuration package for Node.Js. Confinit is vulnerable to an input validation error. The vulnerability stems from a network system or product that does not properly validate input data. Detailed vulnerability details are not available at this time...
CVE-2020-7638
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
CVE-2020-7638
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
Design/Logic Flaw
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
CVE-2020-7638
Vulnerability summary: confinit up to version 0.3.0 is affected by prototype pollution through the setDeepProperty function, which can be tricked into adding or modifying properties on Object.prototype via a proto payload. This could enable attacker-controlled changes to the prototype chain. Affe...
CVE-2020-7638
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
PT-2020-19674 · Confinit · Confinit
Name of the Vulnerable Software and Affected Versions: confinit versions 0.3.0 and earlier Description: The issue concerns Prototype Pollution, where the setDeepProperty function can be tricked into adding or modifying properties of Object.prototype using a proto payload. This allows for potentia...
Prototype Pollution
Overview confinit is an Application configuration helpers for Node.Js. Affected versions of this package are vulnerable to Prototype Pollution. The setDeepProperty function could be tricked into adding or modifying properties of Object.prototype using a proto payload. PoC var root =...