4 matches found
CVE-2020-28278
Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution...
CVE-2020-28278
creationtimestamp| type| source ---|---|--- 2022-05-24 17:37:25+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-pqwc-3vhw-qcvq...
CVE-2020-28278
Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution...
CVE-2020-28278
Summary (CVE-2020-28278) : The npm module shvl (versions 1.0.0–2.0.1) is affected by a prototype-pollution vulnerability. The issue arises in the set() function where unvalidated paths (e.g., proto ) can pollute Object.prototype, enabling Denial of Service and potentially Remote Code Execution. P...