CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

SUSE CVE•added 2023/10/31 2:34 a.m.•4 views

SUSE CVE-2019-10747

set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and proto payloads...

9.8CVSS9.4AI score0.02475EPSS

Exploits1References2

RedHat Linux•added 2022/06/06 9:29 a.m.•0 views

minimist: prototype pollution

An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...

9.8CVSS6.8AI score0.04581EPSS

Exploits1References5

Snyk•added 2021/07/20 1:42 p.m.•1 views

Prototype Pollution

Overview com.graphhopper:graphhopper-web-bundle is a GraphHopper routing engine as a web-service Affected versions of this package are vulnerable to Prototype Pollution. The URL parser could be tricked into adding or modifying properties of Object.prototype using a constructor or proto payload. P...

5.4CVSS6.2AI score0.01401EPSS

Exploits1References2