9 matches found
EUVD-2024-0244
Malicious code in bioql PyPI...
CVE-2024-23339
hoolock is a suite of lightweight utilities designed to maintain a small footprint when bundled. Starting in version 2.0.0 and prior to version 2.2.1, utility functions related to object paths get, set, and update did not block attempts to access or alter object prototypes. Starting in version...
Prototype Pollution
hoolock is vulnerable to Prototype Pollution. The vulnerability is due to utility functions failing to block attempts to access or alter object prototypes. An attacker can modify application data or perform a Denial of Service by exploiting this vulnerability...
CVE-2024-23339
hoolock is a suite of lightweight utilities designed to maintain a small footprint when bundled. Starting in version 2.0.0 and prior to version 2.2.1, utility functions related to object paths get, set, and update did not block attempts to access or alter object prototypes. Starting in version...
Design/Logic Flaw
hoolock is a suite of lightweight utilities designed to maintain a small footprint when bundled. Starting in version 2.0.0 and prior to version 2.2.1, utility functions related to object paths get, set, and update did not block attempts to access or alter object prototypes. Starting in version...
CVE-2024-23339 hoolock does not block Prototype pollution with object-path related utilities
hoolock is a suite of lightweight utilities designed to maintain a small footprint when bundled. Starting in version 2.0.0 and prior to version 2.2.1, utility functions related to object paths get, set, and update did not block attempts to access or alter object prototypes. Starting in version...
CVE-2024-23339 hoolock does not block Prototype pollution with object-path related utilities
hoolock is a suite of lightweight utilities designed to maintain a small footprint when bundled. Starting in version 2.0.0 and prior to version 2.2.1, utility functions related to object paths get, set, and update did not block attempts to access or alter object prototypes. Starting in version...
CVE-2024-23339
Hoolock versions 2.0.0–2.2.0 expose a Prototype Pollution risk via object-path utilities (get, set, update) that fail to block inherited property access/modification. Starting in 2.2.1 these functions throw a TypeError when attempting to access or alter inherited properties, mitigating the vulner...
hoolock Security Vulnerabilities
hoolock is a lightweight utility suite by elijahharry personal developer. A security vulnerability exists in hoolock version 2.0.0 through versions prior to 2.2.1, which stems from a function related to an object path that does not prevent access to or change of an object prototype...