4 matches found
CVE-2025-57348
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
CVE-2025-57348
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
CVE-2025-57348
The CVE-2025-57348 entry concerns the node-cube package before version 5.0.0, affected up to 5.0.0-beta.19. The root cause is improper validation during prototype chain initialization, enabling prototype pollution by injecting properties into built-in object prototypes. Documented impacts include...
PT-2025-39323
Name of the Vulnerable Software and Affected Versions node-cube versions prior to 5.0.0 Description The node-cube package has an issue in how it initializes the prototype chain, potentially allowing an attacker to add properties to the prototype of built-in objects. This occurs due to insufficien...