20 matches found
EUVD-2021-2604
Malware in sbrugna...
EUVD-2021-1894
Malware in sbrugna...
EUVD-2021-2598
Malware in sbrugna...
@zag-js/core prototype pollution
A prototype pollution in the lib.deepMerge function of @zag-js/core v0.50.0 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...
PT-2025-5759 · Unknown · @Stryker-Mutator/Util
Name of the Vulnerable Software and Affected Versions: @stryker-mutator/util version 8.6.0 Description: A prototype pollution in the deepMerge function allows attackers to cause a Denial of Service DoS via supplying a crafted payload. Recommendations: For @stryker-mutator/util version 8.6.0,...
Prototype Pollution
@antfu/utils is vulnerable to Prototype Pollution. The vulnerability exists due lack of sanization in the deepMerge function of object.js which allows an attacker to inject and modify malicious properties such as proto, resulting in prototype pollution...
Prototype Pollution in comb
All versions of package comb are vulnerable to Prototype Pollution via the deepMerge function...
GHSA-VXR4-RXW7-G7V6 Prototype Pollution in comb
All versions of package comb are vulnerable to Prototype Pollution via the deepMerge function...
GHSA-WJPC-CGVW-XX23 Prototype Pollution in sey
All versions of package sey are vulnerable to Prototype Pollution via the deepmerge function...
CVE-2021-23561
All versions of package comb are vulnerable to Prototype Pollution via the deepMerge function...
Design/Logic Flaw
All versions of package comb are vulnerable to Prototype Pollution via the deepMerge function...
CVE-2021-23663
CVE-2021-23663 affects the JavaScript package sey across all versions, with prototype pollution via deepmerge(). The attackable component is the deepmerge() function, enabling property injection into Object.prototype and potential DoS or remote code execution. The connected sources confirm all ve...
CVE-2021-23561 Prototype Pollution
All versions of package comb are vulnerable to Prototype Pollution via the deepMerge function...
Prototype Pollution in deepmergefn
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...
GHSA-VJ72-MWRJ-M2XQ Prototype Pollution in deepmergefn
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...
CVE-2021-23417
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...
CVE-2021-23417
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...
deepmergefn 安全漏洞
deepmergefn is an application. A deepmergefn mixes two data objects. deepmergefn suffers from a security vulnerability that stems from vulnerability to prototype contamination via the deepMerge function, which can be exploited by attackers to cause remote code execution...
PT-2020-19740 · Unknown · Gammautils
Name of the Vulnerable Software and Affected Versions: gammautils versions prior to 0.0.82 Description: The issue concerns Prototype Pollution via the deepSet and deepMerge functions. Recommendations: For versions prior to 0.0.82, update to version 0.0.82 or later to resolve the issue...
Prototype Pollution
Overview @fluentui/styles is a set of styling utilities for CSS-in-JS. Affected versions of this package are vulnerable to Prototype Pollution. The deepmerge function available within the styles package of FluentUI allows one object to merge with another recursively. Given a value such as proto,...