Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2019-10746

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying...

9.8CVSS8AI score0.03508EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 8 : nodejs-mixin-deep (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-mixin-deep: prototype pollution in function mixin-deep CVE-2019-10746 Note that Nessus has not tested for th...

9.5AI score0.03508EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.41 views

Rocky Linux 8 : nodejs:12 (RLSA-2021:0549)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0549 advisory. - The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker...

9.8CVSS7.1AI score0.16296EPSS
Exploits8References14
Tenable Nessus
Tenable Nessus
added 2022/09/15 12:0 a.m.48 views

RHEL 7 : rh-nodejs12-nodejs (RHSA-2021:0485)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0485 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.2AI score0.16296EPSS
Exploits8References16
OSV
OSV
added 2021/02/16 7:34 a.m.42 views

RLSA-2021:0549 Moderate: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.20.1, nodejs-nodemon 2.0.3. Security Fixes: nodejs-mixin-deep: prototype pollutio...

8.1CVSS9AI score0.16296EPSS
Exploits8References7
Tenable Nessus
Tenable Nessus
added 2021/02/16 12:0 a.m.260 views

RHEL 8 : nodejs:12 (RHSA-2021:0549)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0549 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.2AI score0.16296EPSS
Exploits8References16
RedHat Linux
RedHat Linux
added 2021/02/11 1:37 p.m.105 views

Moderate: Red Hat Security Advisory: rh-nodejs12-nodejs security update

An update for rh-nodejs12-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.7AI score0.16296EPSS
Exploits8References7
Tenable Nessus
Tenable Nessus
added 2020/02/10 12:0 a.m.61 views

Fedora 30 : nodejs-mixin-deep (2020-4a8f110332)

Update to upstream 1.3.2 release for CVE-2019-10746 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

9.8CVSS8.1AI score0.03508EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/02/10 12:0 a.m.53 views

Fedora 31 : nodejs-mixin-deep (2020-f80e5c0d65)

Update to upstream 1.3.2 release for CVE-2019-10746 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

9.8CVSS8.1AI score0.03508EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/02/08 12:0 a.m.32 views

Fedora: Security Advisory for nodejs-mixin-deep (FEDORA-2020-f80e5c0d65)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.03508EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2019/08/27 5:42 p.m.4 views

ts-node-server (>=1.1.0 <=2.0.0) potentially affected by CVE-2019-10746 via mixin-deep (=2.0.0)

mixin-deep NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on mixin-deep and may be impacted: - ts-node-server =1.1.0, =2.0.0 Source cves: CVE-2019-10746 Source advisory: OSV:GHSA-FHJF-83WG-R2J9...

9.8CVSS7.2AI score0.03508EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2019/08/23 5:15 p.m.37 views

CVE-2019-10746

mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload...

9.8CVSS7.2AI score0.03508EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2019/08/23 4:43 p.m.26 views

CVE-2019-10746

mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload...

9.8CVSS9.1AI score0.03508EPSS
Exploits1
CVE
CVE
added 2019/08/23 4:43 p.m.551 views

CVE-2019-10746

CVE-2019-10746 affects the nodejs mixin-deep module (versions before 1.3.2 and 2.0.0) and is due to prototype pollution: an attacker can use a constructor payload to add or modify properties on Object.prototype. Inffected ecosystems include applications reporting this vulnerability via Nessus/Mir...

9.8CVSS9.1AI score0.03508EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsv
added 2019/06/19 9:34 a.m.6 views

clam-util (>=0.0.5 <=0.1.20), generator-clam (>=0.1.68 <=0.1.86) +2 more potentially affected by CVE-2019-10746 via mixin-deep (=1.0.1)

mixin-deep NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on mixin-deep and may be impacted: - clam-util =0.0.5, =0.1.68, =0.3.0, =0.4.12 - grunt-formatdata =0.1.1 Source cves: CVE-2019-10746 Source advisory: SNYK:JS-MIXINDEEP-450212...

9.8CVSS7.2AI score0.03508EPSS
Exploits1
Rows per page
Query Builder