3 matches found
CVE-2019-10798
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
CVE-2019-10798
rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...
@rdfoo/rdf-parser-n3 (>=0.3.0 <=0.4.0), arca-ontodia (>=0.9.36 <=0.9.47) +63 more potentially affected by CVE-2019-10798 via rdf-graph-array (=0.3.0)
rdf-graph-array NPM version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on rdf-graph-array and may be impacted: - @rdfoo/rdf-parser-n3 =0.3.0, =0.9.36, =0.3.0, =0.0.2, =1.0.0, =0.1.1, =0.1.0, =1.0.0, =0.0.1-alpha.1, =0.1.0, =0.1.0, =0.5.0 and...