Lucene search
K

8 matches found

Prion
Prion
added 2022/06/17 8:15 p.m.16 views

Design/Logic Flaw

This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...

5CVSS7.5AI score0.02119EPSS
Exploits2References5
vulnersOsv
vulnersOsv
added 2022/02/09 10:49 p.m.4 views

08cms (=1.0.0), 1 (>=0.0.2 <=0.1.2) +2285 more potentially affected by CVE-2020-7792 via mout (>=0.10.0 <=1.2.2)

mout NPM version =0.10.0, =0.0.2, =0.0.2, =0.1.2, =3.0.0, =1.0.0, =0.0.1, =1.0.0, =1.3.2, =1.0.0, =1.0.0, =1.0.1, =0.1.16, =1.2.1, =1.6.1 and more Source cves: CVE-2020-7792 Source advisory: OSV:GHSA-PC58-WGMC-HFJR...

7.5CVSS7AI score0.02119EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/01/19 8:32 a.m.11 views

@alma-oss/vite-plugin-spirit-icons (=1.1.0), @camptocamp/closure-util (>=1.23.0 <=1.27.0) +132 more potentially affected by CVE-2020-7792 +1 more via mout (>=1.0.0 <=1.2.3)

mout NPM version =1.0.0, =1.23.0, =0.12.2, =1.36.0, =0.0.1, =1.0.0, =0.1.1, =0.1.0, =2.94.2, =0.3.0, =0.3.6 and more Source cves: CVE-2020-7792, CVE-2022-21213 Source advisory: SNYK:JS-MOUT-2342654...

7.5CVSS7.2AI score0.02119EPSS
Exploits2
Snyk
Snyk
added 2022/01/19 8:32 a.m.6 views

Prototype Pollution

Overview mout is a Modular Utilities Affected versions of this package are vulnerable to Prototype Pollution. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. ...

7.5CVSS8AI score0.02119EPSS
Exploits2References2
OSV
OSV
added 2020/12/11 11:15 a.m.6 views

CVE-2020-7792

This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...

7.5CVSS7.1AI score0.02119EPSS
Exploits1References5
CVE
CVE
added 2020/12/11 11:5 a.m.58 views

CVE-2020-7792

The CVE-2020-7792 entry applies to the mout package where the deepFillIn and deepMixIn functions perform recursive operations without properly checking the target property key. This enables Prototype Pollution across all versions of mout and can affect Object.prototype when exploited via recursiv...

7.5CVSS7.3AI score0.02119EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2020/12/11 11:5 a.m.40 views

CVE-2020-7792 Prototype Pollution

This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...

7.5CVSS7.4AI score0.02119EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2020/09/30 3:6 p.m.6 views

@alma-oss/vite-plugin-spirit-icons (=1.1.0), @camptocamp/closure-util (>=1.23.0 <=1.27.0) +132 more potentially affected by CVE-2020-7792 via mout (>=1.0.0 <=1.2.2)

mout NPM version =1.0.0, =1.23.0, =0.12.2, =1.36.0, =0.0.1, =1.0.0, =0.1.1, =0.1.0, =2.94.2, =0.3.0, =0.3.6 and more Source cves: CVE-2020-7792 Source advisory: SNYK:JS-MOUT-1014544...

7.5CVSS7.2AI score0.02119EPSS
Exploits1
Rows per page
Query Builder