4 matches found
CVE-2023-0842
xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the proto property to be edited...
fastest-json-copy vulnerable to Prototype Pollution
fastest-json-copy version 1.0.1 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the proto property to be edited...
fastest-json-copy 安全漏洞
fastest-json-copy is a library by Vadim Dalecky personal developer . It is used for JSON deep cloning implementations. A security vulnerability exists in fastest-json-copy version 1.0.1, which stems from an application not properly validating incoming JSON keys...
deep-object-diff 安全漏洞
deep-object-diff is a small library by Matt Phillips, a personal developer, that can deeply differentiate between two JavaScript objects, including arrays and nested structures of objects. A security vulnerability exists in deep-object-diff version 1.1.0 that stems from an application's inability...