5 matches found
@hosoft/restful-api-framework (>=1.0.1 <=1.5.3), @iamkenos/fragile (>=0.1.1 <=0.1.5) +28 more potentially affected by CVE-2021-3666 via body-parser-xml (>=1.1.0 <=2.0.1)
body-parser-xml NPM version =1.1.0, =1.0.1, =0.1.1, =1.229.0, =0.0.8, =0.1.0, =0.1.4, =0.1.0, =0.8.2-alpha.2, =0.0.10, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.1.0 - hubot-wework =0.1.0 and more Source cves: CVE-2021-3666 Source advisory: OSV:GHSA-2GHC-6V89-PW9J...
CVE-2021-3666
body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
CVE-2021-3666
body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
CVE-2021-3666 Prototype Pollution in fiznool/body-parser-xml
body-parser-xml is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
CVE-2021-3666
CVE-2021-3666 : Vulnerability in body-parser-xml (prototype pollution via Improperly Controlled Modification of Object Prototype Attributes). Multiple connected sources confirm this CVE; CVSS details (3.1) show a NETWORK attack vector, no privileges required, no user interaction, and high impact ...