CVE-2023-46308

In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty...

CVE-2023-46308

In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty...

CVE-2023-45811

Synchrony deobfuscator is a javascript cleaner & deobfuscator. A proto pollution vulnerability exists in versions before v2.4.4. Successful exploitation could lead to arbitrary code execution. A proto pollution vulnerability exists in the LiteralMap transformer allowing crafted input to modify...

Code injection

Synchrony deobfuscator is a javascript cleaner & deobfuscator. A proto pollution vulnerability exists in versions before v2.4.4. Successful exploitation could lead to arbitrary code execution. A proto pollution vulnerability exists in the LiteralMap transformer allowing crafted input to modify...

CVE-2023-45811

Synchrony deobfuscator (JavaScript cleaner/deobfuscator) contains a prototype pollution vulnerability in the LiteralMap transformer that allows crafted input to modify Object.prototype. This affects versions before 2.4.4 and could lead to arbitrary code execution. A fix is available in deobfuscat...

CVE-2023-45811 Prototype pollution vulnerability leading to arbitrary code execution in synchrony deobfuscator

Synchrony deobfuscator is a javascript cleaner & deobfuscator. A proto pollution vulnerability exists in versions before v2.4.4. Successful exploitation could lead to arbitrary code execution. A proto pollution vulnerability exists in the LiteralMap transformer allowing crafted input to modify...

Prototype Pollution

Overview lodash is an utility library delivering consistency, modularity, performance, & extras. Affected versions of this package are vulnerable to Prototype Pollution. The functions merge, mergeWith, and defaultsDeep could be tricked into adding or modifying properties of Object.prototype. This...