
97 matches found

Vulnrichment
added 2024/08/29 12:0 a.m. · 14 views

CVE-2024-45435

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function...

7 AI score · 0.00179 EPSS
Exploits: 1 · References: 2
Positive Technologies
added 2024/08/28 12:0 a.m. · 4 views

PT-2024-31628 · Chartist · Chartist

Name of the Vulnerable Software and Affected Versions: Chartist versions 1.x through 1.3.0 Description: The issue allows Prototype Pollution via the extend function. This can potentially lead to security risks, as it may enable attackers to manipulate the prototype chain of objects, affecting the...

9.8 CVSS · 7 AI score · 0.00179 EPSS
Exploits: 1 · References: 12
Github Security Blog
added 2024/07/01 3:32 p.m. · 13 views

@amoy/common v was discovered to contain a prototype pollution via the function extend

amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...

7.3 CVSS · 8.2 AI score · 0.00296 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
OSV
added 2024/07/01 1:15 p.m. · 0 views

CVE-2024-38994

amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function extend. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...

7.3 CVSS · 6.1 AI score · 0.00296 EPSS
Exploits: 1 · References: 1
CNNVD
added 2024/07/01 12:0 a.m. · 1 views

amoy common Security Vulnerabilities

amoy common is an amoyjs open source library. A security vulnerability exists in amoy common v1.0.10, which stems from a prototype contamination via the function extend that allows an attacker to execute arbitrary code or cause a denial of service (DoS) by injecting arbitrary attributes...

7.3 CVSS · 7.7 AI score · 0.00296 EPSS
Exploits: 1 · References: 2
CVE
added 2024/07/01 12:0 a.m. · 34 views

CVE-2024-39013

2o3t-utility v0.1.2 is vulnerable to prototype pollution via the extend function. The issue allows attackers to inject arbitrary properties, enabling arbitrary code execution or Denial of Service (DoS). CVSS 3.1 base score is 9.8 (CRITICAL) with network attack vector, no authentication, and high ...

9.8 CVSS · 8.3 AI score · 0.00132 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2024/07/01 12:0 a.m. · 1 views

PT-2024-28323 · Unknown · 2O3T-Utility

Name of the Vulnerable Software and Affected Versions: 2o3t-utility version 0.1.2 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties using the extend function, which is affected by prototype pollution...

9.8 CVSS · 8 AI score · 0.00132 EPSS
Exploits: 0 · References: 4
CNNVD
added 2024/07/01 12:0 a.m. · 1 views

2o3t-Utility Security Vulnerabilities

2o3t-Utility is a simple Node.js basic tool library open-sourced by 2o3t. A security vulnerability exists in version v0.1.2 of 2o3t-Utility, which stems from inclusion of prototype contamination via the function extend, allowing an attacker to execute arbitrary code or cause a denial of service D...

9.8 CVSS · 7.7 AI score · 0.00132 EPSS
Exploits: 0 · References: 2
Veracode
added 2024/06/19 5:41 a.m. · 9 views

Prototype Pollution

@alexbinary/object-deep-assign is vulnerable to Prototype Pollution. The vulnerability is due to the lack of prototype checks in the extend function within index.js. Attackers can exploit this method to copy malicious properties to the built-in Object.prototype through special properties like pro...

9.8 CVSS · 6.7 AI score · 0.00193 EPSS
Exploits: 0 · References: 3 · Affected Software: 1
Positive Technologies
added 2024/06/17 12:0 a.m. · 2 views

PT-2024-27081 · Alexbinary · Object-Deep-Assign

Name of the Vulnerable Software and Affected Versions: alexbinary object-deep-assign version 1.0.11 Description: The issue concerns a Prototype Pollution vulnerability via the extend method of Module.deepAssign, located in /src/index.js. Recommendations: For alexbinary object-deep-assign version...

9.8 CVSS · 6.6 AI score · 0.00193 EPSS
Exploits: 0 · References: 4
CNNVD
added 2024/06/17 12:0 a.m. · 2 views

object-deep-assign security vulnerability

object-deep-assign is a library by Alex Binary Personal Developer. A security vulnerability exists in object-deep-assign version 1.0.11, which stems from easy prototype contamination via extend in Module.deepAssign /src/index.js...

9.8 CVSS · 6.9 AI score · 0.00193 EPSS
Exploits: 0 · References: 2
Snyk
added 2023/11/07 10:0 p.m. · 1 views

Prototype Pollution

Overview mockjs is a simulation data generator to help the front-end to develop and prototype separate from the back-end progress and reduce some monotony particularly while writing automated tests. Affected versions of this package are vulnerable to Prototype Pollution via the Util.extend functi...

8.2 CVSS · 8.3 AI score · 0.00086 EPSS
Exploits: 1 · References: 2
Veracode
added 2023/08/18 3:26 a.m. · 14 views

Prototype Pollution

tree-kit is vulnerable to Prototype Pollution. The vulnerability occurs because the extend function when the unflat option is set can be used to add arbitrary properties to an object, including properties that are not defined in the object's prototype which allows an attacker to execute arbitrar...

9.8 CVSS · 7.4 AI score · 0.02678 EPSS
Exploits: 1 · References: 6 · Affected Software: 1
Github Security Blog
added 2023/08/17 12:30 a.m. · 13 views

tree-kit Prototype Pollution vulnerability

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

9.8 CVSS · 7.8 AI score · 0.02678 EPSS
Exploits: 1 · References: 6 · Affected Software: 1
ATTACKERKB
added 2023/08/16 10:15 p.m. · 0 views

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

9.8 CVSS · 6.2 AI score · 0.02678 EPSS
Exploits: 1 · References: 4
Vulnrichment
added 2023/08/16 12:0 a.m. · 14 views

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

8.1 AI score · 0.02678 EPSS
Exploits: 1 · References: 3
Positive Technologies
added 2023/08/16 12:0 a.m. · 2 views

PT-2023-8585 · Unknown · Cronvel Tree-Kit

Name of the Vulnerable Software and Affected Versions: Cronvel Tree-kit versions 0.7.4 and before Description: A Prototype Pollution issue in Cronvel Tree-kit allows a remote attacker to execute arbitrary code via the extend function. This issue is related to uncontrolled modification of object...

10 CVSS · 9.4 AI score · 0.02678 EPSS
Exploits: 1 · References: 18
Veracode
added 2023/06/21 10:43 a.m. · 21 views

Prototype Pollution

progressbar.js is vulnerable to Prototype Pollution. The vulnerability exists in extend function at utils.js which allows an attacker to inject and modify malicious properties such as __proto__, resulting in prototype pollution...

9.8 CVSS · 6.8 AI score · 0.00077 EPSS
Exploits: 1 · References: 5 · Affected Software: 1
OSV
added 2023/06/12 6:30 a.m. · 0 views

GHSA-89QM-HM2X-MXM3 progressbar.js vulnerable to Prototype Pollution

All versions of the package progressbar.js prior to 1.1.1 are vulnerable to Prototype Pollution via the function extend in the file utils.js...

8.2 CVSS · 7.2 AI score · 0.00077 EPSS
Exploits: 1 · References: 6
Github Security Blog
added 2023/06/12 6:30 a.m. · 22 views

progressbar.js vulnerable to Prototype Pollution

All versions of the package progressbar.js prior to 1.1.1 are vulnerable to Prototype Pollution via the function extend in the file utils.js...

9.8 CVSS · 8.9 AI score · 0.00077 EPSS
Exploits: 1 · References: 6 · Affected Software: 1