EUVD-2023-2216

Malicious code in bioql PyPI...

EUVD-2022-7692

Malicious code in bioql PyPI...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

The vulnerability of the Cronvel Tree-kit lies in the uncontrolled modification of object prototypes’ attributes, allowing attackers to execute arbitrary code.

The vulnerability of Cronvel Tree-kit is related to uncontrolled changes to the attributes of the object’s prototype. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

GHSA-5P42-M6F3-HPMJ tree-kit Prototype Pollution vulnerability

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-38894

The CVE-2023-38894 entry concerns a Prototype Pollution vulnerability in Cronvel Tree-kit v0.7.4 and earlier. Affected component: the extend function used on nested objects. Root cause: prototype contamination allows an attacker to manipulate object prototypes, enabling remote arbitrary code exec...

PT-2023-8585 · Unknown · Cronvel Tree-Kit

Name of the Vulnerable Software and Affected Versions: Cronvel Tree-kit versions 0.7.4 and before Description: A Prototype Pollution issue in Cronvel Tree-kit allows a remote attacker to execute arbitrary code via the extend function. This issue is related to uncontrolled modification of object...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

tree-kit vulnerable to Prototype Pollution

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

CVE-2021-4278

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

CVE-2021-4278

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

Design/Logic Flaw

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

CVE-2021-4278 cronvel tree-kit prototype pollution

A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...

PT-2022-11686 · Unknown · Cronvel Tree-Kit

Name of the Vulnerable Software and Affected Versions: cronvel tree-kit versions up to 0.6.x Description: A problematic vulnerability has been found, affecting an unknown part of the software. The issue leads to improperly controlled modification of object prototype attributes, also known as...