Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:50 a.m.10 views

CVE-2019-10745

assign-deep is vulnerable to Prototype Pollution in versions before 0.4.8 and version 1.0.0. The function assign-deep could be tricked into adding or modifying properties of Object.prototype using either a constructor or a proto payload...

7.5CVSS6.7AI score0.01142EPSS
Exploits1References1
OSV
OSV
added 2019/08/20 7:15 p.m.7 views

CVE-2019-10745

assign-deep is vulnerable to Prototype Pollution in versions before 0.4.8 and version 1.0.0. The function assign-deep could be tricked into adding or modifying properties of Object.prototype using either a constructor or a proto payload...

7.5CVSS7.1AI score
Exploits0References1
CVE
CVE
added 2019/08/20 6:13 p.m.63 views

CVE-2019-10745

The CVE-2019-10745 entry concerns the assign-deep module, which is vulnerable to Prototype Pollution. Affected versions are before 0.4.8 and version 1.0.0, where the assign-deep function could be tricked into adding or modifying properties of Object.prototype via a constructor or proto payload. T...

7.5CVSS7.4AI score0.01142EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2019/06/19 9:28 a.m.8 views

@careteam/mfe-init (=0.0.8), @topfeed/topfeed (>=0.0.30 <=0.0.44) +69 more potentially affected by CVE-2019-10745 via assign-deep (>=0.1.2 <=0.4.7)

assign-deep NPM version =0.1.2, =0.0.30, =0.0.1, =1.0.0, =0.0.1, =0.1.0, =1.0.0, =1.2.0, =0.0.1, =1.0.0, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =2.3.0 and more Source cves: CVE-2019-10745 Source advisory: SNYK:JS-ASSIGNDEEP-450211...

7.5CVSS7.1AI score0.01142EPSS
Exploits1
Rows per page
Query Builder