13 matches found
Prototype Pollution
web3-core-method is vulnerable to Prototype Pollution. The vulnerability is due to improper handling of user-supplied input in the attachToObject function, which allows an attacker to supply a crafted payload and inject properties into the Object.prototype, potentially leading to denial of servic...
EUVD-2025-31063
Malicious code in bioql PyPI...
CVE-2025-57329
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...
GHSA-2J4C-9QQQ-896R web3-core-method is vulnerable to prototype pollution
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...
003-gas-convert (=1.0.1), 0x-hunter-core (>=1.0.0 <=1.0.1-5) +6583 more potentially affected by CVE-2025-57329 via web3-core-method (>=1.0.0-beta.52 <=3.0.0-rc.5)
web3-core-method NPM version =1.0.0-beta.52, =1.0.0, =0.0.3, =0.0.3, =0.0.31, =1.1.0, =0.9.9, =0.1.0, =0.1.1 - 55tools-block =1.0.0 - 55tools-block-ext =1.0.0 - 84447xe5t8 =1.0.0 and more Source cves: CVE-2025-57329 Source advisory: SNYK:JS-WEB3COREMETHOD-13110028...
web3-core-method is vulnerable to prototype pollution
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...
0x-relayer-cat (>=0.0.3 <=0.0.10), @1-dao-protocol/juice-contracts-v3 (>=3.1.3 <=3.1.4) +1439 more potentially affected by CVE-2025-57329 via web3-core-method (>=1.0.0-beta.52 <=1.10.3)
web3-core-method NPM version =1.0.0-beta.52, =0.0.3, =3.1.3, =1.0.2, =2.0.3, =1.14.5, =1.0.7, =0.1.0, =10.4.0, =9.0.0, =9.2.0 - @acentswap/aceswap-sdk =9.0.0 and more Source cves: CVE-2025-57329 Source advisory: OSV:GHSA-2J4C-9QQQ-896R...
CVE-2025-57329
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...
CVE-2025-57329
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...
PT-2025-39328
Name of the Vulnerable Software and Affected Versions web3-core-method versions 1.10.4 and earlier Description A Prototype Pollution issue exists in the attachToObject function of web3-core-method. Attackers can inject properties onto Object.prototype by providing a crafted payload. This can lead...
CVE-2025-57329
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...
CVE-2025-57329
web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing...
CVE-2025-57329
CVE-2025-57329 affects the JavaScript package web3-core-method (attachToObject) up to version 1.10.4. A prototype pollution flaw allows an attacker-supplied payload to inject properties into Object.prototype, potentially causing a denial of service (DoS) as the minimum consequence. Public referen...