Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-0190

Malware in sbrugna...

8.8CVSS8.6AI score0.04226EPSS
Exploits1References14
OSV
OSV
added 2022/09/25 12:0 a.m.4 views

GHSA-C429-5P7V-VGJP hoek subject to prototype pollution via the clone function.

hoek versions prior to 8.5.1, and 9.x prior to 9.0.3 are vulnerable to prototype pollution in the clone function. If an object with the proto key is passed to clone the key is converted to a prototype. This issue has been patched in version 9.0.3, and backported to 8.5.1...

8.1CVSS6.9AI score0.00925EPSS
Exploits0References4
OSV
OSV
added 2022/09/23 6:15 a.m.2 views

DEBIAN-CVE-2020-36604

hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function...

8.1CVSS7.7AI score0.00925EPSS
Exploits0References1
OSV
OSV
added 2022/09/23 6:15 a.m.2 views

UBUNTU-CVE-2020-36604

hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function...

8.1CVSS7.1AI score0.00925EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/04/30 6:41 p.m.5 views

hoek: Prototype pollution in utilities function

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...

8.8CVSS7.4AI score0.04226EPSS
Exploits1References4
OSV
OSV
added 2018/04/26 3:25 p.m.3 views

GHSA-JP4X-W63M-7WGM Prototype Pollution in hoek

Versions of hoek prior to 4.2.1 and 5.0.3 are vulnerable to prototype pollution. The merge function, and the applyToDefaults and applyToDefaultsWithShallow functions which leverage merge behind the scenes, are vulnerable to a prototype pollution attack when provided an unvalidated payload created...

8.8CVSS7.2AI score0.04226EPSS
Exploits1References9
OSV
OSV
added 2018/03/30 7:29 p.m.4 views

UBUNTU-CVE-2018-3728

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data MAID vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via proto, causing the addition or modification of an existi...

8.8CVSS5.8AI score0.04226EPSS
Exploits1References3
Rows per page
Query Builder