@cookiex/class-state (>=0.0.1 <=0.0.2), @cookiex/cli (>=0.2.10 <=0.2.11-0) +3 more potentially affected by CVE-2021-23442 via @cookiex/deep (>=0.0.1 <=0.0.6)

@cookiex/deep NPM version =0.0.1, =0.0.1, =0.2.10, =0.0.0, =0.1.2, =0.1.3 Source cves: CVE-2021-23442 Source advisory: OSV:GHSA-92V9-XH2Q-FQ9F...

GHSA-92V9-XH2Q-FQ9F Prototype Pollution in cookiex/deep

The npm @cookiex/deep package before version 0.0.7 has a prototype pollution vulnerability. The global proto object can be polluted using the proto object...

Prototype Pollution in cookiex/deep

The npm @cookiex/deep package before version 0.0.7 has a prototype pollution vulnerability. The global proto object can be polluted using the proto object...

Prototype Pollution

@cookiex/deep is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the assigner function...

CVE-2021-23442

This affects all versions of package @cookiex/deep. The global proto object can be polluted using the proto object...

CVE-2021-23442 Prototype Pollution

This affects all versions of package @cookiex/deep. The global proto object can be polluted using the proto object...

CVE-2021-23442

The CVE-2021-23442 issue affects the npm package @cookiex/deep, where the global Object proto can be polluted via proto . The root cause is prototype pollution in the library, impacting all versions prior to 0.0.7. Documented references (GHSA, OSV, Veracode, NVD) indicate high impact with potenti...

CVE-2021-23442

This affects all versions of package @cookiex/deep. The global proto object can be polluted using the proto object...

Cookiex-Deep 安全漏洞

Cookiex-Deep is a library. It is used to add object recursion to a target. Cookiex-Deep has a security vulnerability that can be exploited by an attacker to cause proto objects to contaminate global proto objects...

PT-2021-15527 · Npm · @Cookiex/Deep

Name of the Vulnerable Software and Affected Versions: @cookiex/deep versions prior to 0.0.7 Description: The issue allows pollution of the global proto object using the proto object. This can potentially lead to unintended behavior or security issues in applications that use the @cookiex/deep...

@cookiex/class-state (>=0.0.1 <=0.0.2), @cookiex/cli (>=0.2.10 <=0.2.11-0) +3 more potentially affected by CVE-2021-23442 via @cookiex/deep (>=0.0.1 <=0.0.6)

@cookiex/deep NPM version =0.0.1, =0.0.1, =0.2.10, =0.0.0, =0.1.2, =0.1.3 Source cves: CVE-2021-23442 Source advisory: SNYK:JS-COOKIEXDEEP-1582793...

Prototype Pollution

Overview @cookiex/deep is a Tool to assign properties recursively and create recursion features in an easy way. Affected versions of this package are vulnerable to Prototype Pollution. The global proto object can be polluted using the proto object. PoC var deep = require"@cookiex/deep" const targ...