6 matches found
@ckeditor/ckeditor5-dev-lint (>=1.0.0 <=2.0.3), @code_monk/hak-cli (>=1.0.6 <=1.0.9) +364 more potentially affected by CVE-2020-7751 via pathval (>=0.0.1 <=1.1.0)
pathval NPM version =0.0.1, =1.0.0, =1.0.6, =1.0.4, =2.0.3, =1.0.8, =1.0.3, =1.0.7, =2.0.3, =3.1.2, =1.0.3, =0.0.1, =0.1.0, =0.2.0 - @nwetzel/modern-web-dev-build =0.6.0 and more Source cves: CVE-2020-7751 Source advisory: OSV:GHSA-G6WW-V8XP-VMWG...
CVE-2020-7751
pathval before version 1.1.1 is vulnerable to prototype pollution...
CVE-2020-7751
pathval before version 1.1.1 is vulnerable to prototype pollution...
CVE-2020-7751 Prototype Pollution
pathval before version 1.1.1 is vulnerable to prototype pollution...
CVE-2020-7751
CVE-2020-7751 affects the pathval library (pathval before 1.1.1) and is a Prototype Pollution issue. The IBM bulletin list confirms the vulnerability in pathval with a base score of 6.0 and a CVSS v3.0 vector of CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H. Root cause is improper modification of ...
config3 (=1.1.0) potentially affected by CVE-2020-7751 via pathval (=1.1.0)
pathval NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pathval and may be impacted: - config3 =1.1.0 Source cves: CVE-2020-7751 Source advisory: SNYK:JS-PATHVAL-596926...