5 matches found
CVE-2026-16150
A vulnerability was found in RobinHerbots Inputmask up to 5.0.9. Affected by this issue is the function extendDefaults/extendDefinitions/extendAliases in the library lib/dependencyLibs/extend.js of the component Internal Deep Merge Helper. The manipulation results in improperly controlled...
CVE-2026-16150 RobinHerbots Inputmask Internal Deep Merge Helper extend.js extendAliases prototype pollution
A vulnerability was found in RobinHerbots Inputmask up to 5.0.9. Affected by this issue is the function extendDefaults/extendDefinitions/extendAliases in the library lib/dependencyLibs/extend.js of the component Internal Deep Merge Helper. The manipulation results in improperly controlled...
EUVD-2026-45394
A vulnerability was found in RobinHerbots Inputmask up to 5.0.9. Affected by this issue is the function extendDefaults/extendDefinitions/extendAliases in the library lib/dependencyLibs/extend.js of the component Internal Deep Merge Helper. The manipulation results in improperly controlled...
CVE-2026-16150
The CVE affects RobinHerbots Inputmask (versions up to 5.0.9). The vulnerability arises in the Internal Deep Merge Helper’s extendDefaults/extendDefinitions/extendAliases in lib/dependencyLibs/extend.js, causing improperly controlled modification of object prototype attributes (prototype pollutio...
@albalyu/npm-scripts (>=2.0.1 <=2.0.40), @opuscapita/eslint-config-opuscapita-bnapp (>=1.0.1 <=1.0.6) +7 more potentially affected by CVE-2020-36632 via flat (=3.0.0)
flat NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on flat and may be impacted: - @albalyu/npm-scripts =2.0.1, =1.0.1, =2.2.1, =2.0.0, =0.0.1-beta.2, =4.0.1, =0.3.0-beta.16, =0.3.0-beta.83 Source cves: CVE-2020-36632 Source advisory:...