24 matches found
EUVD-2022-6167
Malicious code in bioql PyPI...
EUVD-2022-1121
Malicious code in bioql PyPI...
Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
GHSA-VVV8-XW5F-3F88 Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
Design/Logic Flaw
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213 Prototype Pollution
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213
CVE-2022-21213 affects all versions of the Mout package. The vulnerability arises in deepFillIn and deepMixIn, which recursively access target objects without validating the keys used to reach nested properties, enabling prototype pollution. The issue traces to an incomplete fix of CVE-2020-7792....
CVE-2022-21213
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
Mout 安全漏洞
Mout is a Javascript-based codebase from the Mout team that provides modular support for JS programming. A security vulnerability exists in Mout, which stems from the fact that the deepFillIn function used to "fill missing properties recursively" while deepMixIn mixes objects into the target obje...
Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
GHSA-PC58-WGMC-HFJR Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
Prototype Pollution
js-data is vulnerable to pollution prototype. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the deepMixIn function...
Prototype Pollution
js-data is vulnerable to pollution prototype. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the deepMixIn function...
Prototype Pollution
mout is vulnerable to prototype pollution. An attacker is able to fill missing properties recursively via deepFillIn and mixes objects into the target existing child objects object recursively using deepMixIn as those functions do not validate the key to access the target object recursively...
CVE-2020-7792
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
CVE-2020-7792
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
Design/Logic Flaw
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
CVE-2020-7792
The CVE-2020-7792 entry applies to the mout package where the deepFillIn and deepMixIn functions perform recursive operations without properly checking the target property key. This enables Prototype Pollution across all versions of mout and can affect Object.prototype when exploited via recursiv...