6 matches found
CVE-2020-7768
A flaw was found in nodejs-grpc, where the package @grpc/grpc-js is vulnerable to Prototype Pollution via the loadPackageDefinition. The highest threat from this vulnerability is to system availability...
CVE-2020-7768
The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition...
CVE-2020-7768 Prototype Pollution
The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition...
CVE-2020-7768
CVE-2020-7768 affects gRPC in Node.js: the package grpc prior to 1.24.4 and @grpc/grpc-js prior to 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition. Impact details in sources describe a pollution path that could alter object prototypes, enabling unauthorized modification of o...
Prototype Pollution
Overview grpc is a gRPC Library for Node Affected versions of this package are vulnerable to Prototype Pollution via loadPackageDefinition. POC: const loadPackageDefinition = require'grpc'; loadPackageDefinition'proto.polluted': true; console.logpolluted; Details Prototype Pollution is a...
Prototype Pollution
Overview @grpc/grpc-js is a gRPC Library for Node Affected versions of this package are vulnerable to Prototype Pollution via loadPackageDefinition. POC: const loadPackageDefinition = require'grpc'; loadPackageDefinition'proto.polluted': true; console.logpolluted; Details Prototype Pollution is a...