8 matches found
Design/Logic Flaw
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
08cms (=1.0.0), 1 (>=0.0.2 <=0.1.2) +2285 more potentially affected by CVE-2020-7792 via mout (>=0.10.0 <=1.2.2)
mout NPM version =0.10.0, =0.0.2, =0.0.2, =0.1.2, =3.0.0, =1.0.0, =0.0.1, =1.0.0, =1.3.2, =1.0.0, =1.0.0, =1.0.1, =0.1.16, =1.2.1, =1.6.1 and more Source cves: CVE-2020-7792 Source advisory: OSV:GHSA-PC58-WGMC-HFJR...
@alma-oss/vite-plugin-spirit-icons (=1.1.0), @camptocamp/closure-util (>=1.23.0 <=1.27.0) +132 more potentially affected by CVE-2020-7792 +1 more via mout (>=1.0.0 <=1.2.3)
mout NPM version =1.0.0, =1.23.0, =0.12.2, =1.36.0, =0.0.1, =1.0.0, =0.1.1, =0.1.0, =2.94.2, =0.3.0, =0.3.6 and more Source cves: CVE-2020-7792, CVE-2022-21213 Source advisory: SNYK:JS-MOUT-2342654...
Prototype Pollution
Overview mout is a Modular Utilities Affected versions of this package are vulnerable to Prototype Pollution. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. ...
CVE-2020-7792
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
CVE-2020-7792
The CVE-2020-7792 entry applies to the mout package where the deepFillIn and deepMixIn functions perform recursive operations without properly checking the target property key. This enables Prototype Pollution across all versions of mout and can affect Object.prototype when exploited via recursiv...
CVE-2020-7792 Prototype Pollution
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
@alma-oss/vite-plugin-spirit-icons (=1.1.0), @camptocamp/closure-util (>=1.23.0 <=1.27.0) +132 more potentially affected by CVE-2020-7792 via mout (>=1.0.0 <=1.2.2)
mout NPM version =1.0.0, =1.23.0, =0.12.2, =1.36.0, =0.0.1, =1.0.0, =0.1.1, =0.1.0, =2.94.2, =0.3.0, =0.3.6 and more Source cves: CVE-2020-7792 Source advisory: SNYK:JS-MOUT-1014544...