3 matches found
CVE-2020-28279
Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution...
CVE-2020-28279
Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution...
CVE-2020-28279
CVE-2020-28279 is a prototype pollution vulnerability in the npm module flattenizer, affecting versions 0.0.5 through 1.0.5. The root cause is unsafe assignment during object property pollution (e.g., unflatten()), which can allow an attacker to corrupt Object prototypes, leading to Denial of Ser...