33 matches found
EUVD-2021-1224
Malware in sbrugna...
EUVD-2021-1064
Malware in sbrugna...
EUVD-2021-0990
Malware in sbrugna...
Prototype Pollution
@tsed/core is vulnerable to Prototype Pollution. The vulnerability is due to the deepExtend function which lacks proper validation, allowing an attacker to overwrite and pollute the object prototype of a program when user input is provided...
GHSA-VPGW-FFH3-648H Prototype Pollution in fullpage.js
fullPage utils are available to developers using window.fputils. They can use these utils for their own use-case other than fullPage as well. However, one of the utils deepExtend is vulnerable to Prototype Pollution vulnerability. Javascript is "prototype" language which means when a new "object"...
Prototype Pollution in fullpage.js
fullPage utils are available to developers using window.fputils. They can use these utils for their own use-case other than fullPage as well. However, one of the utils deepExtend is vulnerable to Prototype Pollution vulnerability. Javascript is "prototype" language which means when a new "object"...
GHSA-FPM5-VV97-JFWG Uncontrolled Resource Consumption in firebase
This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...
Uncontrolled Resource Consumption in firebase
This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...
GHSA-77XQ-CPVG-7XM2 Prototype pollution in @tsed/core
This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...
Prototype pollution in @tsed/core
This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...
Prototype Pollution
Overview mathjs before version 7.5.1 is vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates. Recommendation Upgrade to version 7.5.1 or later References - CVE - GitHub Advisory...
GHSA-X2FC-MXCX-W4MF Prototype Pollution in mathjs
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...
Prototype Pollution in mathjs
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates...
Prototype Pollution
i18next is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype in the deepExtend function...
Prototype Pollution
firebase is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the deepExtend function within the DeepCopy.ts file...
Google Firebase Js Sdk prototype contamination vulnerability
Google Firebase Js Sdk is a client-side code base for connecting to the Firebase backend service from Google. firebase/util versions prior to 0.3.4 contain a prototype contamination vulnerability that originates from the deepExtend function in DeepCopy.ts. An attacker could exploit this...
CVE-2020-7765
This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...
CVE-2020-7765 Prototype Pollution
This affects the package @firebase/util before 0.3.4. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...
Google Firebase Js Sdk 安全漏洞
Google Firebase Js Sdk is a client-side code base for connecting to the Firebase backend service from Google. firebase/util versions prior to 0.3.4 contain a prototype contamination vulnerability that originates from the deepExtend function in DeepCopy.ts. An attacker could exploit this...
Prototype Pollution
Overview @firebase/util is a wrapper of some Webchannel Features for the Firebase JS SDK. Affected versions of this package are vulnerable to Prototype Pollution. This vulnerability relates to the deepExtend function within the DeepCopy.ts file. Depending on if user input is provided, an attacker...