6 matches found
CVE-2019-10794
All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a proto payload...
byways (>=1.2.0 <=1.5.2), component-build (>=1.0.0 <=1.2.2) +17 more potentially affected by CVE-2019-10794 via component-flatten (>=0.0.1 <=1.0.1)
component-flatten NPM version =0.0.1, =1.2.0, =1.0.0, =1.0.0, =1.3.0, =0.0.3, =0.1.0, =1.0.0, =1.0.0, =0.2.0, =1.0.0, =1.2.0, =0.0.1, =0.0.1, =0.0.4 - faiton-builder =1.1.10 and more Source cves: CVE-2019-10794 Source advisory: OSV:GHSA-G6R3-HHG9-QF58...
Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities
Summary IBM Event Streams is affected by the following vulnerabilities in the included Node.js runtime shipped. Vulnerability Details CVEID: CVE-2019-10795 DESCRIPTION: Node.js undefsafe module could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a...
CVE-2019-10794
All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a proto payload...
CVE-2019-10794
CVE-2019-10794 affects component-flatten, where all versions are vulnerable to prototype pollution via a proto payload. The flaw enables an attacker to trick the program into adding or modifying properties on Object.prototype, with consequences including potential arbitrary code execution as desc...
byways (>=1.2.0 <=1.5.2), component-build (>=1.0.0 <=1.2.2) +17 more potentially affected by CVE-2019-10794 via component-flatten (>=0.0.1 <=1.0.1)
component-flatten NPM version =0.0.1, =1.2.0, =1.0.0, =1.0.0, =1.3.0, =0.0.3, =0.1.0, =1.0.0, =1.0.0, =0.2.0, =1.0.0, =1.2.0, =0.0.1, =0.0.1, =0.0.4 - faiton-builder =1.1.10 and more Source cves: CVE-2019-10794 Source advisory: SNYK:JS-COMPONENTFLATTEN-548907...