CVE-2022-37257

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js...

Prototype Pollution

steal is vulnerable to prototype pollution. The vulnerability exists because of lack of validation in convertLater function in npm-convert.js which allows an attacker to inject malicious characteristics to add new values to a javascript application object prototype,overwriting or contaminating th...

GHSA-GVJW-8MMR-8F6G steal vulnerable to Prototype Pollution

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...

CVE-2022-37258

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the packageName variable in npm-convert.js...

GHSA-93Q5-3XPC-8VG3 steal vulnerable to Prototype Pollution via requestedVersion variable

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal via the requestedVersion variable in the npm-convert.js file...

CVE-2022-37257

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js...

steal 安全漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal version 2.2.4 that stems from prototype contamination in the function convertLater in npm-convert.js via the...