7 matches found
EUVD-2018-0190
Malware in sbrugna...
GHSA-C429-5P7V-VGJP hoek subject to prototype pollution via the clone function.
hoek versions prior to 8.5.1, and 9.x prior to 9.0.3 are vulnerable to prototype pollution in the clone function. If an object with the proto key is passed to clone the key is converted to a prototype. This issue has been patched in version 9.0.3, and backported to 8.5.1...
DEBIAN-CVE-2020-36604
hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function...
UBUNTU-CVE-2020-36604
hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function...
hoek: Prototype pollution in utilities function
hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...
GHSA-JP4X-W63M-7WGM Prototype Pollution in hoek
Versions of hoek prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution. The merge function, and the applyToDefaults and applyToDefaultsWithShallow functions which leverage merge behind the scenes, are vulnerable to a prototype pollution attack when provided an unvalidated payload created...
UBUNTU-CVE-2018-3728
hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...