23 matches found
CVE-2020-7701
CVE-2020-7701 and CVE-2022-24279 involve Prototype Pollution in madlib-object-utils prior to 0.1.8 via the setValue method. Affected: madlib-object-utils
Prototype Pollution
Overview madlib-object-utils is an A small set of utility functions for working with objects Affected versions of this package are vulnerable to Prototype Pollution via setValue. POC: const objectUtils = require"madlib-object-utils"; objectUtils.setValue'proto.polluted', , true;...
PT-2020-19724 · Madlib · Madlib-Object-Utils
Name of the Vulnerable Software and Affected Versions: madlib-object-utils versions prior to 0.1.7 Description: The issue allows for Prototype Pollution via the setValue function. Recommendations: For versions prior to 0.1.7, update to version 0.1.7 or later to resolve the issue...