14 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-37598
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an...
CVE-2022-37598
A prototype pollution vulnerability was found in UglifyJS, stemming from the DEFNODE function in ast.js via the name variable. Exploiting this flaw involves adding or altering properties of the Object.prototype through a "proto" or constructor payload, enabling an attacker to execute arbitrary co...
Prototype Pollution
uglify-js is vulnerable to prototype pollution. The vulnerability exists in DEFNODE function of ast.js via the name variable which allows an attacker to inject malicious property resulting in prototype pollution...
DEBIAN-CVE-2022-37598
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
CVE-2022-37598
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
CVE-2022-37598
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
UBUNTU-CVE-2022-37598
DISPUTED Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
Code injection
DISPUTED Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
UglifyJS 安全漏洞
UglifyJS is a JavaScript parser, compressor, cruncher and beautification toolkit for mishoo individual developers. A security vulnerability exists in UglifyJS version 3.13.2, which stems from the susceptibility of ast.js' DEFNODE function to prototype contamination...
CVE-2022-37598
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
CVE-2022-37598
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
CVE-2022-37598
CVE-2022-37598 describes a prototype pollution in Mishoo UglifyJS 3.13.2’s ast.js DEFNODE function, triggered via the name variable and payloads that modify Object.prototype. The connected sources show multiple advisories referencing the same vulnerability in the UglifyJS module, including notes ...
CVE-2022-37598
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js. NOTE: the vendor considers this an invalid report...
PT-2022-24020 · Mishoo +1 · Uglify-Js +1
Name of the Vulnerable Software and Affected Versions: mishoo UglifyJS version 3.13.2 Description: The issue is related to a prototype pollution vulnerability in the function DEFNODE in ast.js, specifically via the name variable. This vulnerability is present in mishoo UglifyJS. The vendor has...