5 matches found
CVE-2022-37257
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js...
CVE-2022-37257
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js...
CVE-2022-37257
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js...
CVE-2022-37257
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js...
CVE-2022-37257
CVE-2022-37257 affects stealjs Steal 2.2.4 (prototype pollution) in the convertLater function via the requestedVersion variable in npm-convert.js. Root cause: prototype contamination allowing injection into proto , constructor, and prototype chains. Impact per sources: high confidentiality, integ...