9 matches found
CVE-2024-39018
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
Prototype Pollution
@cat5th/key-serializer is vulnerable to Prototype Pollution. The vulnerability is due to passing crafted arguments with the proto property using functions like query, set, default.query, and default.set. The vulnerability allows attackers to alter the behavior of all objects inheriting from the...
@cat5th/key-serializer Prototype Pollution vulnerability
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
GHSA-WHPX-G542-7C7V @cat5th/key-serializer Prototype Pollution vulnerability
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39018
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39018
CVE-2024-39018 affects harvey-woo cat5th/key-serializer v0.2.5. The root cause is a prototype pollution flaw in the query function, enabling attackers to inject properties and potentially execute arbitrary code or cause a Denial of Service. Multiple sources (NVD, Red Hat, Veracode, GHSA, osv, CVE...
CVE-2024-39018
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
CVE-2024-39018
harvey-woo cat5th/key-serializer v0.2.5 was discovered to contain a prototype pollution via the function "query". This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...
key-serializer security vulnerability
key-serializer is a library by Harvey Woo Personal Developer. It is used to serialize keys and query keys deep within objects. A security vulnerability exists in key-serializer version 0.2.5, which stems from a function containing prototype contamination that allows an attacker to execute arbitra...