27 matches found
Prototype Pollution
json-ptr is vulnerable to prototype pollution. An attacker is able to inject arbitrary properties into existing construct prototypes...
CVE-2020-7766
This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...
CVE-2020-7766
This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...
Code injection
This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...
CVE-2020-7766
The CVE-2020-7766 issue affects the json-ptr package and is triggered in the set operation when the force flag is true. The vulnerable path recursively sets properties on the target object but does not adequately validate the key, enabling prototype pollution. Affected versions are before 3.0.0, ...
CVE-2020-7766 Prototype Pollution
This affects all versions of package json-ptr. The issue occurs in the set operation https://flitbit.github.io/json-ptr/classes/srcpointer.jsonpointer.htmlset when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the...
PT-2020-19778 · Json Ptr · Json-Ptr
Name of the Vulnerable Software and Affected Versions: json-ptr versions prior to 2.1.0 Description: The issue occurs in the set operation when the force flag is set to true. The function recursively sets the property in the target object, however it does not properly check the key being set,...