5 matches found
CVE-2020-7617
ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of Object.prototype using a 'proto' payload...
@dawnjs/cli (>=1.11.0 <=1.13.7), @dawnjs/dn-middleware-lint (=3.0.12) +49 more potentially affected by CVE-2020-7617 via ini-parser (=0.0.2)
ini-parser NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on ini-parser and may be impacted: - @dawnjs/cli =1.11.0, =1.0.0, =0.0.1, =1.0.0-beta, =0.0.2, =0.0.1, =0.5.12, =1.0.1, =0.0.1, =3.0.0, =1.0.11, =1.1.4 and more Source cves:...
CVE-2020-7617
ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of Object.prototype using a 'proto' payload...
CVE-2020-7617 Prototype Pollution
ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of Object.prototype using a 'proto' payload...
@dawnjs/cli (>=1.11.0 <=1.13.7), @dawnjs/dn-middleware-lint (=3.0.12) +49 more potentially affected by CVE-2020-7617 via ini-parser (=0.0.2)
ini-parser NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on ini-parser and may be impacted: - @dawnjs/cli =1.11.0, =1.0.0, =0.0.1, =1.0.0-beta, =0.0.2, =0.0.1, =0.5.12, =1.0.1, =0.0.1, =3.0.0, =1.0.11, =1.1.4 and more Source cves:...