10 matches found
EUVD-2022-0816
Malicious code in bioql PyPI...
Prototype Pollution in bmoor
The package bmoor before 0.10.1 is vulnerable to Prototype Pollution due to missing sanitization in set function. Note: This vulnerability derives from an incomplete fix in CVE-2020-7736...
GHSA-4M8H-H59M-M34J Prototype Pollution in bmoor
The package bmoor before 0.10.1 is vulnerable to Prototype Pollution due to missing sanitization in set function. Note: This vulnerability derives from an incomplete fix in CVE-2020-7736...
Prototype Pollution
bmoor is vulnerable to prototype pollution. The vulnerability exists due to an incomplete fix for CVE-2020-7736 where an attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the set function...
Design/Logic Flaw
The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. Note: This vulnerability derives from an incomplete fix in CVE-2020-7736...
CVE-2021-23558
The CVE-2021-23558 entry affects the JavaScript library bmoor prior to 0.10.1, where the set function allows Prototype Pollution due to missing input sanitization. The vulnerability is linked to an incomplete fix referenced by CVE-2020-7736. Practical impact is Prototype Pollution risk in objects...
bmoor-comm (>=0.0.1 <=0.0.3) potentially affected by CVE-2020-7736 +1 more via bmoor (>=0.0.5 <=0.0.7)
bmoor NPM version =0.0.5, =0.0.1, =0.0.3 Source cves: CVE-2020-7736, CVE-2021-23558 Source advisory: SNYK:JS-BMOOR-2342622...
bmoor-cache (>=0.3.0 <=0.6.0), bmoor-comm (>=0.0.1 <=0.6.0) +4 more potentially affected by CVE-2020-7736 via bmoor (>=0.0.5 <=0.5.1)
bmoor NPM version =0.0.5, =0.3.0, =0.0.1, =0.0.1, =0.1.0, =0.0.4, =0.6.0, =0.6.43 Source cves: CVE-2020-7736 Source advisory: OSV:GHSA-H3RX-G5C9-8Q4X...
CVE-2020-7736 Prototype Pollution
The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function...
CVE-2020-7736
The CVE-2020-7736 entry applies to the JavaScript package bmoor . Affected versions are those prior to 0.8.12, with vulnerability described as a Prototype Pollution flaw exposed through the vulnerable function set . The issue arises from unsafe handling that allows pollution of object prototypes,...