97 matches found
CVE-2023-26133
All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend in the file utils.js...
ProgressBar.js 安全漏洞
ProgressBar.js is a responsive progress bar by Kimmo Brunfeldt Personal Developer. ProgressBar.js has a security vulnerability that stems from easy prototype contamination via the function extend in the file utils.js...
PT-2023-20512 · Unknown · Progressbar.Js
Name of the Vulnerable Software and Affected Versions: progressbar.js versions prior to 1.1.1 Description: The issue concerns Prototype Pollution via the extend function in the utils.js file. This affects the progressbar.js package. Recommendations: For versions prior to 1.1.1, update to version...
Prototype Pollution
collection.js is vulnerable to Prototype Pollution. The vulnerability exists due lack of sanization in the extend function of extend.js which allows an attacker to inject malicious property's such as proto, resulting in prototype pollution...
Collection.js vulnerable to Prototype Pollution
Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js...
GHSA-47PJ-Q2VM-46XC Collection.js vulnerable to Prototype Pollution
Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js...
CVE-2023-26113
Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js...
CVE-2023-26113
Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js...
CVE-2023-26113
CVE-2023-26113 affects the JavaScript package collection.js prior to 6.8.1. The root cause is a Prototype Pollution vulnerability in the extend function located at Collection.js/dist/node/iterators/extend.js, enabling polluted prototypes. Multiple sources (NVD, Red Hat, GHSA, OSV, CVE CVE lists) ...
PT-2023-20499 · Unknown · Collection.Js
Name of the Vulnerable Software and Affected Versions: collection.js versions prior to 6.8.1 Description: The issue concerns Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js. This affects versions of the package collection.js before 6.8.1. Recommendations...
jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the extend function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with...
jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the extend function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with...
GHSA-65RP-MHQF-8GJ3 rangy vulnerable to Prototype Pollution
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype...
CVE-2023-26102
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype...
CVE-2023-26102
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype...
Buffer overflow
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype...
CVE-2023-26102
CVE-2023-26102 affects the rangy package, where all versions are vulnerable to a prototype pollution flaw in the extend() function of rangy-core.js. The vulnerability arises from an unsafe recursive merge that can copy attacker-controlled properties onto Object.prototype, enabling pollution of al...
CVE-2023-26102
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype...
jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the extend function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with...
jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the extend function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with...