2 matches found
CVE-2021-4278
The CVE-2021-4278 entry concerns cronvel tree-kit versions up to 0.6.x and describes a prototype pollution issue resulting from improper checks that allow manipulation of object prototype attributes. The root cause is an undefined part of the codebase, with the recommended remediation being an up...
3d-kit (>=0.0.1 <=0.0.14), @0x4447/broccoli (>=1.0.0 <=1.0.16) +144 more potentially affected by CVE-2021-4278 via tree-kit (>=0.0.4 <=0.6.2)
tree-kit NPM version =0.0.4, =0.0.1, =1.0.0, =2.0.0, =1.0.0, =1.18.0, =0.0.1, =1.0.5-master.20190403074739, =1.0.0-master.20180909013449, =0.1.0-master.20191109234452, =0.1.0-ipcrm-custom-event.20191122150318, =1.1.0, =0.1.0-master.20190319050251, =0.1.9-update-dependencies.20190319120645,...