EUVD-2021-1894

Malware in sbrugna...

Prototype Pollution in deepmergefn

All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...

GHSA-VJ72-MWRJ-M2XQ Prototype Pollution in deepmergefn

All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...

deepmergefn has unspecified vulnerabilities

deepmergefn is an application. A deepmergefn mixes two data objects. deepmergefn suffers from a security vulnerability that stems from vulnerability to prototype contamination via the deepMerge function, which can be exploited by attackers to cause remote code execution...

Design/Logic Flaw

All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...

CVE-2021-23417

CVE-2021-23417 affects the npm package deepmergefn. The vulnerability is a prototype pollution in the deepMerge function, allowing an attacker to pollute Object.prototype and potentially trigger remote code execution. All versions are indicated as affected. Public sources describe the root cause ...

CVE-2021-23417 Prototype Pollution

All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...

CVE-2021-23417

All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function...

deepmergefn 安全漏洞

deepmergefn is an application. A deepmergefn mixes two data objects. deepmergefn suffers from a security vulnerability that stems from vulnerability to prototype contamination via the deepMerge function, which can be exploited by attackers to cause remote code execution...

Prototype Pollution

Overview deepmergefn is a Mixes two data objects in depth Affected versions of this package are vulnerable to Prototype Pollution via deepMerge function. PoC const deepMerge = require"deepmergefn"; EVILDATA = JSON.parse'"proto":"polluted":true'; deepMerge, EVILDATA; console.logpolluted; Details...