3 matches found
CVE-2021-23403
All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...
CVE-2021-23403
CVE-2021-23403 affects the npm package ts-nodash. All versions before 1.2.7 are vulnerable to a prototype pollution via the Merge() function due to lack of input validation. The root cause is unsafe merging that can inject proto -level properties into objects, enabling potential DoS or remote cod...
CVE-2021-23403 Prototype Pollution
All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...