14 matches found
EUVD-2021-0798
Malware in sbrugna...
CVE-2020-8125
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona...
GHSA-8F89-2FWJ-5V5R Improper Input Validation in klona
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona...
Improper Input Validation in klona
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona...
Duplicate Advisory: Prototype Pollution in klona
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8f89-2fwj-5v5r. This link is maintained to preserve external references. Original Description Versions of klona prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modificatio...
GHSA-4R97-78GF-Q24V Duplicate Advisory: Prototype Pollution in klona
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8f89-2fwj-5v5r. This link is maintained to preserve external references. Original Description Versions of klona prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modificatio...
CVE-2020-8125
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona...
CVE-2020-8125
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona...
Input validation
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona...
CVE-2020-8125
The CVE-2020-8125 issue affects the npm package klona (versions ≤ 1.1.0). Root cause: flaw in input validation enabling prototype pollution, allowing an attacker to corrupt object prototypes and potentially lead to remote code execution or denial of service in applications that deep-clone objects...
CVE-2020-8125
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona...
Prototype Pollution
klona is vulnerable to prototype pollution. Lack of object validation allows an attacker to inject arbitrary Object properties which can potentially lead to execution of arbitrary code...
Prototype Pollution
Overview Versions of klona prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modification of an Object's prototype when cloning objects, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation Upgrade t...
Node.js third-party modules: [klona] Prototype pollution
I would like to report Prototype pollution in klona It allows adding arbitrary property to Prototype while deep cloning an object Module module name: klona version: Hunter's comments and funny memes goes here F690469 Impact Denial of Service and possible Remote code execution by overriding object...