EUVD-2022-4090

Malicious code in bioql PyPI...

CVE-2021-25944

Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution...

4cdl (>=1.0.1 <=1.0.7), 77cli (>=0.0.10 <=0.0.12) +445 more potentially affected by CVE-2021-25944 via deep-defaults (=1.0.5)

deep-defaults NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on deep-defaults and may be impacted: - 4cdl =1.0.1, =0.0.10, =0.0.2, =0.0.1, =0.2.0, =0.0.1, =0.0.1, =1.0.1, =0.0.1, =0.0.1, =1.0.2, =1.0.4 and more Source cves:...

deep-defaults vulnerable to prototype pollution

Overview Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution. Details The NPM module deep-defaults can be abused by Prototype Pollution vulnerability since the function deepDefaults do...

GHSA-H6XG-RG33-9MF4 deep-defaults vulnerable to prototype pollution

Overview Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution. Details The NPM module deep-defaults can be abused by Prototype Pollution vulnerability since the function deepDefaults do...

CVE-2021-25944

Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25944

Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution...

Remote code execution

Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25944

Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25944

CVE-2021-25944 relates to a prototype pollution flaw in the npm module deep-defaults affecting versions 1.0.0–1.0.5. The root cause is that the internal function _deepDefaults() assigns properties without validating the input type, enabling an attacker to pollute Object.prototype (e.g., via malic...

deep-defaults 安全漏洞

deep-defaults is a package for npm. A security vulnerability exists in deep-defaults versions 1.0.0 through 1.0.5, which can be exploited by an attacker to cause a denial of service and possibly remote code execution...

PT-2021-16870 · Unknown · Deep-Defaults

Name of the Vulnerable Software and Affected Versions: deep-defaults versions 1.0.0 through 1.0.5 Description: The issue allows an attacker to cause a denial of service and may lead to remote code execution due to a prototype pollution vulnerability in the 'deep-defaults' module. The deepDefaults...