EUVD-2022-1071

Malicious code in bioql PyPI...

CVE-2019-10793

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

@absolunet/ioc (>=0.1.0 <=1.0.0-alpha.5), @absolunet/ioc-app (>=0.3.0 <=1.0.0-alpha.4) +466 more potentially affected by CVE-2019-10793 via dot-object (>=0.10.0 <=2.1.2)

dot-object NPM version =0.10.0, =0.1.0, =0.3.0, =0.0.5, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.3-alpha.11, =1.0.1, =0.2.8, =1.6.0, =1.0.0, =1.1.2 and more Source cves: CVE-2019-10793 Source advisory: OSV:GHSA-J9CF-PR2X-5273...

GHSA-J9CF-PR2X-5273 Prototype Pollution in dot-object

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

Prototype Pollution in dot-object

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

Unspecified Vulnerability in Dot-object

Dot-object is a module to convert json objects using dot representation. A security vulnerability exists in Dot-object versions prior to 2.1.3. An attacker can exploit this vulnerability to add or modify Object.prototype properties with the help of the 'set' parameter...

CVE-2019-10793

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

CVE-2019-10793

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

Design/Logic Flaw

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

CVE-2019-10793

CVE-2019-10793 affects the dot-object module prior to version 2.1.3. The vulnerability is a Prototype Pollution flaw where the set function can be tricked into adding or modifying properties on Object.prototype via a proto payload. Evidence in connected records confirms the issue and its descript...

CVE-2019-10793

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

@nitro/app (>=4.14.2 <=5.2.0), @omneedia/template (>=1.0.0 <=1.0.10) +3 more potentially affected by CVE-2019-10793 via dot-object (>=2.0.0 <=2.1.2)

dot-object NPM version =2.0.0, =4.14.2, =1.0.0, =1.0.0, =1.4.8, =1.5.11 Source cves: CVE-2019-10793 Source advisory: SNYK:JS-DOTOBJECT-548905...

Prototype Pollution

Overview dot-object is a module that makes it possible to transform javascript objects using dot notation. Affected versions of this package are vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload. PoC ...