18 matches found
lodash: prototype pollution in _.unset and _.omit functions
A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...
lodash: prototype pollution in _.unset and _.omit functions
A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...
RLSA-2026:18868 Important: linux-sgx security update
The Intel SGX SDK is a collection of APIs, libraries, documentations and tools that allow software developers to create and debug Intel SGX enabled applications in C/C++. Security Fixes: qs: qs: Denial of Service via improper input validation in array parsing CVE-2025-15284 node-tar: tar: node-ta...
redux-queue-offline (=0.4.1) potentially affected by CVE-2026-2950 via lodash.unset (=4.0.2)
lodash.unset NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on lodash.unset and may be impacted: - redux-queue-offline =0.4.1 Source cves: CVE-2026-2950 Source advisory: OSV:GHSA-F23M-R3PF-42RH...
redux-queue-offline (=0.4.1) potentially affected by CVE-2025-13465 +1 more via lodash.unset (=4.0.2)
lodash.unset NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on lodash.unset and may be impacted: - redux-queue-offline =0.4.1 Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JS-LODASHUNSET-15869620...
Prototype Pollution
Overview lodash.unset is a The lodash method .unset exported as a module. Affected versions of this package are vulnerable to Prototype Pollution via the .unset and .omit functions. An attacker can delete properties from built-in prototypes by supplying array-wrapped path segments, potentially...
SUSE-SU-2026:20653-1 Security update for cockpit
This update for cockpit fixes the following issues: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global prototypes bsc1257324...
SUSE-SU-2026:20695-1 Security update for cockpit-machines
This update for cockpit-machines fixes the following issues: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global prototypes bsc1257325...
SUSE-SU-2026:20540-1 Security update for cockpit-repos
This update for cockpit-repos fixes the following issues: Update to version 4.7. Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325. - CVE-2025-64718: js-yaml prototype pollution in merge bsc1255425...
lodash: prototype pollution in _.unset and _.omit functions
A flaw was found in Lodash. A prototype pollution vulnerability in the .unset and .omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service...
openSUSE 16 Security Update : cockpit-packages (openSUSE-SU-2026:20185-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20185-1 advisory. - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325. Tenable has extracted th...
SUSE-SU-2026:20338-1 Security update for cockpit-packages
This update for cockpit-packages fixes the following issues: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325...
SUSE-SU-2026:20337-1 Security update for cockpit
This update for cockpit fixes the following issues: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global prototypes bsc1257324...
OPENSUSE-SU-2026:20182-1 Security update for cockpit
This update for cockpit fixes the following issues: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global prototypes bsc1257324...
OPENSUSE-SU-2026:20181-1 Security update for cockpit-subscriptions
This update for cockpit-subscriptions fixes the following issues: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global prototypes bsc1257324...
Prototype Pollution
Overview lodash.unset is a The lodash method .unset exported as a module. Affected versions of this package are vulnerable to Prototype Pollution via the .unset and .omit functions. An attacker can delete methods held in properties of global prototypes but cannot overwrite those properties. Detai...
@aaronuu/react-forms (>=0.0.1 <=0.2.2), @actra-development-oss/redux-persist-transform-filter-immutable (>=0.1.1 <=1.0.0) +774 more potentially affected by CVE-2025-13465 via lodash.unset (>=4.0.2 <=4.5.2)
lodash.unset NPM version =4.0.2, =0.0.1, =0.1.1, =0.1.0, =0.0.1, =1.1.0, =0.0.4, =1.8.28, =1.1.0, =0.1.2, =0.0.1, =0.1.0, =0.0.1, =2.1.1 and more Source cves: CVE-2025-13465 Source advisory: SNYK:JS-LODASHUNSET-15053837...
@aaronuu/react-forms (>=0.0.1 <=0.2.2), @actra-development-oss/redux-persist-transform-filter-immutable (>=0.1.1 <=1.0.0) +774 more potentially affected by CVE-2025-13465 via lodash.unset (>=4.0.2 <=4.5.2)
lodash.unset NPM version =4.0.2, =0.0.1, =0.1.1, =0.1.0, =0.0.1, =1.1.0, =0.0.4, =1.8.28, =1.1.0, =0.1.2, =0.0.1, =0.1.0, =0.0.1, =2.1.1 and more Source cves: CVE-2025-13465 Source advisory: OSV:GHSA-XXJR-MMJV-4GPG...