EUVD-2022-0723

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-16472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A prototype pollution attack in cached-path-relative versions =1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all...

DLA-3221-1 node-cached-path-relative - security update

Bulletin has no description...

Debian: Security Advisory (DLA-3221-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3221 : node-cached-path-relative - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3221 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3221-1 [email protected]...

@stackstorm/st2-build (>=2.3.1 <=2.4.3), ccxt-without-theocean (=1.18.151) +3 more potentially affected by CVE-2021-23518 via cached-path-relative (=1.0.2)

cached-path-relative NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on cached-path-relative and may be impacted: - @stackstorm/st2-build =2.3.1, =1.0.0, =1.18.173, =1.18.242 Source cves: CVE-2021-23518 Source advisory:...

Prototype Pollution in cached-path-relative

The package cached-path-relative before 1.1.0 is vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

GHSA-WG6G-PPVX-927H Prototype Pollution in cached-path-relative

The package cached-path-relative before 1.1.0 is vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

Prototype Pollution

cached-path-relative is vulnerable to prototype pollution. The vulnerability exists due to a lack of sanitization for the key types, allowing an attacker to exploit the vulnerability by injecting arbitrary properties into existing construct prototypes and modify attributes such as proto,...

CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

DEBIAN-CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

UBUNTU-CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

CVE-2021-23518 Prototype Pollution

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

CVE-2021-23518

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative...

CVE-2021-23518

CVE-2021-23518 affects cached-path-relative (before 1.1.0). The root cause is prototype pollution: the cache variable is created as {} instead of Object.create(null) in the cachedPathRelative function, allowing access to parent prototype properties when building the cached relative path. When ori...

cached-path-relative 安全漏洞

cached-path-relative is an open source npm package. A security vulnerability exists in cached-path-relative prior to version 1.1.0, which stems from a problematic implementation of cache variable settings. The software is susceptible to prototype contamination...

PT-2022-9406 · Unknown · Cached-Path-Relative

Name of the Vulnerable Software and Affected Versions: cached-path-relative versions prior to 1.1.0 Description: The issue allows for Prototype Pollution via the cache variable set as instead of Object.createnull in the cachedPathRelative function. This enables access to parent prototype properti...

Prototype Pollution

Overview cached-path-relative is a memoize the results of the path.relative function. Affected versions of this package are vulnerable to Prototype Pollution via the cache variable that is set as instead of Object.createnull in the cachedPathRelative function, which allows access to the parent...