2428 matches found
CVE-2018-3719
mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
CVE-2018-3723
defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
CVE-2018-3720
assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
DEBIAN-CVE-2018-3719
mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
Code injection
defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
Code injection
mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
Code injection
merge-deep node module before 3.0.1 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
UBUNTU-CVE-2018-3719
mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
CVE-2018-3723
CVE-2018-3723 affects defaults-deep prior to 0.2.4, enabling prototype pollution by abusing proto to modify Object.prototype. This can lead to added or altered properties existing on all objects, with potential DoS and, in some cases, remote code execution as described in linked advisories. The i...
CVE-2018-3719
mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
CVE-2018-3720
assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
CVE-2018-3720
The CVE-2018-3720 entry concerns the assign-deep Node.js module. Versions prior to 0.4.7 are affected by a prototype-pollution (MAID) vulnerability that lets an attacker modify Object.prototype via proto , enabling addition or modification of properties that propagate to all objects. Impact is de...
CVE-2018-3723
defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existing property that will exist on all objects...
CVE-2018-3719
CVE-2018-3719 affects the Node.js module mixin-deep (versions before 1.3.1). The vulnerability is a prototype pollution (MAID) flaw that lets an attacker modify Object.prototype via proto , causing addition or modification of properties that exist on all objects. Affected versions are explicitly ...
CVE-2018-3722
The CVE-2018-3722 entry concerns the merge-deep npm module, specifically versions before 3.0.1. A MAID/prototype-pollution flaw via proto enables an attacker to modify the prototype of Object, potentially adding or altering properties that exist on all objects. This can lead to server instability...
PT-2018-16143 · Npm · Mixin-Deep
Name of the Vulnerable Software and Affected Versions: mixin-deep versions prior to 1.3.1 Description: The issue allows a malicious user to modify the prototype of Object via proto , causing the addition or modification of an existing property that will exist on all objects. This is achieved...
DEBIAN-CVE-2014-10064
The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time. An attacker could leverage this to cause a temporary denial-of-service condition, for example...
Automatic Machine Learning Penetration Test Tool: Deep Exploit
DeepExploit is fully automated penetration tool linked with Metasploit. It identifies the status of all opened ports on the target server and executes the exploit at pinpoint using Machine Learning. DeepExploit consists of the machine learning model A3C and Metasploit . The A3C executes exploit t...
Fedora Update for nodejs-mixin-deep FEDORA-2018-ab62814cee
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 28 Update: nodejs-mixin-deep-1.3.1-1.fc28
Deeply mix the properties of objects into the first object. Like merge-deep, but doesn't clone...