13 matches found
EUVD-2021-1358
Malware in sbrugna...
Prototype Pollution
Overview org.webjars.npm:pace-js is an Automatically add a progress bar to your site. Affected versions of this package are vulnerable to Prototype Pollution via the extend function, which recursively copies key-value pairs from the source object without properly validating property names. An...
Prototype Pollution
Overview Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution. Recommendation Avoid using js-extend as there is no current safe version of this module References - CVE - GitHub Advisory...
Prototype pollution vulnerability in js-extend
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution...
GHSA-MH82-55CM-6GFH Prototype pollution vulnerability in js-extend
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution...
@ayk/registry (=1.0.0), @cag-group/google-api-tools (=0.3.1) +340 more potentially affected by CVE-2021-25945 via js-extend (>=0.0.1 <=1.0.1)
js-extend NPM version =0.0.1, =0.6.2, =2.1.12, =1.0.2, =3.4.1, =17.0.0, =1.0.0, =0.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.2 and more Source cves: CVE-2021-25945 Source advisory: OSV:GHSA-MH82-55CM-6GFH...
Unspecified vulnerability in js-extend
js-extend is a module for Npm with extension capabilities. A security vulnerability exists in js-extend versions 0.0.1 through 1.0.1, which can be exploited by an attacker to cause a denial of service and possibly remote code execution...
CVE-2021-25945
A flaw has been identified in js-extend. A prototype pollution vulnerability allows attackers to cause a denial of service and may lead to remote code execution. The highest threat from this vulnerability is to system availability...
Prototype Pollution
js-extend is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
CVE-2021-25945
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution...
CVE-2021-25945
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution...
CVE-2021-25945
CVE-2021-25945 affects the npm module js-extend (versions 0.0.1–1.0.1). A prototype pollution flaw is described as enabling denial of service and potentially remote code execution. The connected sources reiterate the vulnerability and recommend avoiding js-extend, but no concrete patch/version is...
js-extend 安全漏洞
js-extend is a module for Npm with extension capabilities. A security vulnerability exists in js-extend versions 0.0.1 through 1.0.1, which can be exploited by an attacker to cause a denial of service and possibly remote code execution...