13 matches found
EUVD-2022-7597
Malicious code in bioql PyPI...
Prototype Pollution
dustjs-linkedin is vulnerable to prototype pollution. The vulnerability exists because prototype attributes are not properly validated which allows an attacker to inject malicious characteristics to add new properties to a JavaScript application object prototype, overwriting or contaminating the...
2gis-maps (>=2.2.4 <=3.7.0), @27works/posto (=2.0.2) +281 more potentially affected by CVE-2021-4264 via dustjs-linkedin (>=0.4.0 <=2.7.5)
dustjs-linkedin NPM version =0.4.0, =2.2.4, =0.0.1, =0.2.0, =1.0.0, =0.0.1, =0.1.9, =0.1.8, =1.0.0, =1.0.27 and more Source cves: CVE-2021-4264 Source advisory: OSV:GHSA-C6RP-WRP9-QR4Q...
GHSA-C6RP-WRP9-QR4Q dustjs-linkedin vulnerable to Prototype Pollution
A vulnerability was found in LinkedIn dustjs prior to version 3.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack may be launched...
dustjs-linkedin vulnerable to Prototype Pollution
A vulnerability was found in LinkedIn dustjs prior to version 3.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack may be launched...
CVE-2021-4264
A vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack may be launched remotely. The...
CVE-2021-4264
A vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack may be launched remotely. The...
Design/Logic Flaw
A vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack may be launched remotely. The...
CVE-2021-4264 LinkedIn dustjs prototype pollution
A vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack may be launched remotely. The...
PT-2022-11644 · Linkedin · Dustjs
Name of the Vulnerable Software and Affected Versions: LinkedIn dustjs versions up to 2.x LinkedIn dustjs version 3.0.0 Description: A vulnerability was found in LinkedIn dustjs, allowing for improperly controlled modification of object prototype attributes, also known as 'prototype pollution'...
CVE-2021-4264
CVE-2021-4264 affects LinkedIn Dust.js up to 2.x and is caused by prototype pollution in an unknown function, potentially exploitable remotely. The issue has a patch for 3.0.0 and a patch identifier (ddb6523832465d38c9d80189e9de60519ac307c3); upgrading the affectedDust.js component to 3.0.0+ is r...
MAL-2022-2618 Malicious code in dustjs-linkedin-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 873bc4ced308a324a98fca026bd90202448ab5890c03760bfddfee7251a7211e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dustjs-linkedin-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 873bc4ced308a324a98fca026bd90202448ab5890c03760bfddfee7251a7211e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...