21 matches found
EUVD-2021-0836
Malware in sbrugna...
EUVD-2021-0882
Malware in sbrugna...
Malicious code in test-mlw2-balks-mawrs-armil-decal (npm)
The package test-mlw2-balks-mawrs-armil-decal was found to contain malicious code...
Malicious code in test-mlw2-fames-agist-decal-cruds (npm)
The package test-mlw2-fames-agist-decal-cruds was found to contain malicious code...
MAL-2025-35310 Malicious code in test-mlw2-fames-agist-decal-cruds (npm)
The package test-mlw2-fames-agist-decal-cruds was found to contain malicious code...
MAL-2025-34926 Malicious code in test-mlw2-balks-mawrs-armil-decal (npm)
The package test-mlw2-balks-mawrs-armil-decal was found to contain malicious code...
GHSA-J32X-J8PJ-PG2H Prototype Pollution in decal
This affects all versions of package decal. The vulnerability is in the extend function...
Prototype Pollution in decal
This affects all versions of package decal. The vulnerability is in the extend function...
GHSA-VP77-FQQP-79J8 Prototype Pollution in decal
This affects all versions of package decal. The vulnerability is in the set function...
Prototype Pollution in decal
This affects all versions of package decal. The vulnerability is in the set function...
Prototype Pollution
decal is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the extend function...
Prototype Pollution
decal is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
CVE-2020-28449
This affects all versions of package decal. The vulnerability is in the set function...
CVE-2020-28450
This affects all versions of package decal. The vulnerability is in the extend function...
Design/Logic Flaw
This affects all versions of package decal. The vulnerability is in the set function...
Design/Logic Flaw
This affects all versions of package decal. The vulnerability is in the extend function...
CVE-2020-28449
CVE-2020-28449 corresponds to a prototype pollution vulnerability in the JavaScript package decal, with the issue located in the set function. Affected software is decal (all versions), and exploitation involves injecting properties into Object.prototype (e.g., via proto or path-based definitions...
CVE-2020-28449 Prototype Pollution
This affects all versions of package decal. The vulnerability is in the set function...
CVE-2020-28450 Prototype Pollution
This affects all versions of package decal. The vulnerability is in the extend function...
CVE-2020-28450
CVE-2020-28450 concerns the package decal and stems from the vulnerable extend function, enabling prototype pollution across all versions. Multiple connected advisories (GHSA-J32X-J8PJ-PG2H; OSV GHSA-J32X-J8PJ-PG2H; SNYK-JS-DECAL-1051028; Veracode) describe the risk of injecting properties into O...