EUVD-2021-2587

Malware in sbrugna...

GHSA-V39H-QM32-8GWQ Improperly Controlled Modification of Dynamically-Determined Object Attributes in express-mock-middleware

express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the Object.prototype. Exploitation of this vulnerability requires creation of a new directory where an attack code can be placed whic...

Prototype Pollution

express-mock-middleware is vulnerable to Prototype Pollution. It allows an attacker to inject properties of the Object.prototype, manipulating the attributes by overwriting, or polluting them...

express-mock-middleware input validation error vulnerability

express-mock-middleware is a mock middleware. An input validation error vulnerability exists in express-mock-middleware version 0.0.6 and earlier. The vulnerability stems from a network system or product that does not properly validate input data. No detailed vulnerability details are provided at...

CVE-2020-7616

express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the Object.prototype. Exploitation of this vulnerability requires creation of a new directory where an attack code can be placed whic...

CVE-2020-7616

express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the Object.prototype. Exploitation of this vulnerability requires creation of a new directory where an attack code can be placed whic...

CVE-2020-7616

The CVE-2020-7616 entry concerns express-mock-middleware up to version 0.0.6. Affected component: exported functions of the package that can be manipulated to pollute Object.prototype (prototype pollution). Root cause: exploitation requires placing attack code in a newly created directory so that...

PT-2020-19656 · Npm · Express-Mock-Middleware

Name of the Vulnerable Software and Affected Versions: express-mock-middleware versions 0.0.0 through 0.0.6 Description: The issue allows exported functions by the package to be tricked into adding or modifying properties of the Object.prototype, which can be exploited by creating a new directory...

Prototype Pollution

Overview express-mock-middleware is an A simple mock middleware for express. Affected versions of this package are vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the Object.prototype. Exploitation of this vulnerability...