CVE-2020-7748

This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

CVE-2020-7748

This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

Directory traversal

This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

CVE-2020-7748

The CVE-2020-7748 entry affects the @tsed/core package (versions prior to 5.65.7) and is due to the deepExtend utility in the utils directory. The vulnerability enables prototype pollution when user input is supplied, allowing an attacker to overwrite properties on Object.prototype, with potentia...

CVE-2020-7748 Prototype Pollution

This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...

Prototype Pollution

Overview @tsed/core is a package of Ts.ED framework. Affected versions of this package are vulnerable to Prototype Pollution. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and...

CVE-2020-7743

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...

CVE-2020-7743

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...

Default configuration

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...

CVE-2020-7743 Prototype Pollution

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...

CVE-2020-7743

The vulnerability described in CVE-2020-7743 affects the mathjs package prior to version 7.5.1, enabling Prototype Pollution via the deepExtend function during configuration updates. This is a general software vulnerability in mathjs, with no explicit exploit details provided in the connected doc...

Prototype Pollution

Overview mathjs is a math library for JavaScript and Node.js. It features a flexible expression parser with support for symbolic computation, comes with a large set of built-in functions and constants, and offers an integrated solution to work with diff. Affected versions of this package are...

Prototype Pollution

Overview i18next is an internationalization framework for browser or any other javascript environment eg. node.js. Affected versions of this package are vulnerable to Prototype Pollution. This vulnerability relates to the AddResourceBundle API which uses the the deepExtend function...