25 matches found
EUVD-2021-1022
Malware in sbrugna...
EUVD-2021-0999
Malware in sbrugna...
MAL-2025-12126 Malicious code in @zalastax/nolb-json8 (npm)
The package @zalastax/nolb-json8 was found to contain malicious code...
Malicious code in @zalastax/nolb-json8 (npm)
The package @zalastax/nolb-json8 was found to contain malicious code...
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor...
GHSA-8V9X-9XQG-R8MR Prototype pollution in json8-merge-patch
Prototype pollution vulnerability in json8-merge-patch npm package 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor...
Prototype pollution in json8-merge-patch
Prototype pollution vulnerability in json8-merge-patch npm package 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor...
GHSA-7H43-GX24-P529 Prototype pollution in json8
This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution...
@alexeimyshkouski/json-api (=0.0.1), @cyber-crafts/ltc-core (=1.0.0) +13 more potentially affected by CVE-2020-7770 via json8 (>=0.1.0 <=0.9.2)
json8 NPM version =0.1.0, =0.0.10, =0.4.0, =0.2.0, =1.1.0, =1.3.0, =2.0.2, =1.0.0, =1.1.1, =1.2.3, =1.3.0 - yaml-scheme =1.0.2 Source cves: CVE-2020-7770 Source advisory: OSV:GHSA-7H43-GX24-P529...
Prototype pollution in json8
This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution...
CVE-2020-7770
This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution...
CVE-2020-7770
This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution...
Code injection
This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution...
CVE-2020-7770 Prototype Pollution
This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution...
PT-2020-19782 · Json8 · Json8
Name of the Vulnerable Software and Affected Versions: json8 versions prior to 1.0.3 Description: The issue arises from a function that adds properties to a target object without properly checking the key being set, leading to prototype pollution. Recommendations: For versions prior to 1.0.3,...
Prototype Pollution
json8-merge-patch is vulnerable to prototype pollution. Failure to sanitize the apply functions allows for injection of arbitrary properties into existing construct prototypes and modification of attributes such as proto, constructor and prototype...
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor...
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor...
CVE-2020-8268
Prototype pollution vulnerability in json8-merge-patch npm package 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor...
CVE-2020-8268
The CVE-2020-8268 entry relates to the json8-merge-patch npm package. Affected software: json8-merge-patch prior to version 1.0.3. Root cause: the apply function fails to restrict access to object prototypes, enabling prototype pollution. Potential impact: modification of for-prototype behavior w...