5 matches found
@dstanesc/shared-property-map (>=0.0.9 <=0.0.11), @fluid-experimental/partial-checkout (>=0.51.0 <=2.0.0-internal.2.0.4) +10 more potentially affected by CVE-2022-41714 via fastest-json-copy (=1.0.1)
fastest-json-copy NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on fastest-json-copy and may be impacted: - @dstanesc/shared-property-map =0.0.9, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =2.0.0,...
CVE-2022-41714
creationtimestamp| type| source ---|---|--- 2022-11-03 23:26:07+00:00| seen| https://t.me/cibsecurity/52542...
CVE-2022-41714 fastest-json-copy 1.0.1 - Prototype Pollution
fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the 'proto' property to be edited...
CVE-2022-41714
CVE-2022-41714 affects fastest-json-copy version 1.0.1. The vulnerability is prototype pollution: invalid validation of incoming JSON keys allows an attacker to edit or add properties on the Object prototype (via proto ), enabling modification of object properties. Affected component is the faste...
CVE-2022-41714 fastest-json-copy 1.0.1 - Prototype Pollution
fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the 'proto' property to be edited...