4 matches found
Prototype Pollution in locutus
Overview Versions of locutus prior to 2.0.12 are vulnerable to Prototype Pollution via the php.strings.parsestr function. Recommendation Upgrade to version 2.0.12 or later References - CVE - GitHub Advisory...
CVE-2020-7719
CVE-2020-7719 affects locutus versions before 2.0.12 and is due to a prototype pollution flaw exposed via the php.strings.parse_str function. The vulnerability is described across sources (NVD, npm advisory, OSV, GHSA) and is mitigated by upgrading locutus to 2.0.12 or later. If not upgrading, af...
CVE-2020-7719 Prototype Pollution
Versions of package locutus before 2.0.12 are vulnerable to prototype Pollution via the php.strings.parsestr function...
@random-guys/coralpay-pgp (>=0.0.1 <=0.1.0), @woocommerce/components (>=1.0.0 <=1.0.1) +4 more potentially affected by CVE-2020-7719 via locutus (>=2.0.10 <=2.0.11)
locutus NPM version =2.0.10, =0.0.1, =1.0.0, =1.1.0, =1.0.2, =1.0.52, =0.1.0, =0.2.1 Source cves: CVE-2020-7719 Source advisory: SNYK:JS-LOCUTUS-598675...