EUVD-2023-1098

Malicious code in bioql PyPI...

CVE-2023-26106

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...

csv-interact (>=0.0.1 <=1.0.0), jb55-json2csv (>=3.0.0 <=3.1.1) +1 more potentially affected by CVE-2023-26106 via dot-lens (=1.2.3)

dot-lens NPM version =1.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on dot-lens and may be impacted: - csv-interact =0.0.1, =3.0.0, =3.1.1 - tableize-csv-parser =0.0.1 Source cves: CVE-2023-26106 Source advisory: OSV:GHSA-RMHG-2CVV-Q7VX...

dot-lens vulnerable to Prototype Pollution

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...

GHSA-RMHG-2CVV-Q7VX dot-lens vulnerable to Prototype Pollution

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...

CVE-2023-26106

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...

CVE-2023-26106

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...

CVE-2023-26106

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...

CVE-2023-26106

CVE-2023-26106 (dot-lens) : Multiple connected sources confirm a Prototype Pollution flaw via the set() function in index.js, affecting all versions of the dot-lens package. Root cause: prototype contamination through set(), enabling unexpected modifications to objects. Reported impact is high (C...

CVE-2023-26106

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set function in index.js file...

dot-lens 安全漏洞

dot-lens is a JavaScript library. A security vulnerability exists in dot-lens that stems from prototype contamination of the set function in the index.js file...

PT-2023-20493 · Dot-Lens · Dot-Lens

Name of the Vulnerable Software and Affected Versions: dot-lens versions all Description: The issue concerns Prototype Pollution via the set function in the index.js file. This affects all versions of the dot-lens package. There is no information provided about the estimated number of potentially...

Prototype Pollution

Overview dot-lens is a Simple, compiled dot lenses Affected versions of this package are vulnerable to Prototype Pollution via the set function in index.js file. PoC var dot = require"dot-lens" console.log"before:"+.test dot.set"proto.test","123" console.log"after:"+.test Details Prototype...

csv-interact (>=0.0.1 <=1.0.0), jb55-json2csv (>=3.0.0 <=3.1.1) +1 more potentially affected by CVE-2023-26106 via dot-lens (=1.2.3)

dot-lens NPM version =1.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on dot-lens and may be impacted: - csv-interact =0.0.1, =3.0.0, =3.1.1 - tableize-csv-parser =0.0.1 Source cves: CVE-2023-26106 Source advisory: SNYK:JS-DOTLENS-3227646...