Lucene search
K

5 matches found

Fedora
Fedora
added 2024/03/07 10:33 p.m.21 views

[SECURITY] Fedora 40 Update: sequence-library-1.0.3-18.fc40

A textual diff and merge library...

8.8CVSS6.9AI score0.02557EPSS
Exploits3
OSV
OSV
added 2021/05/04 8:18 p.m.2 views

GHSA-7WPW-2HJM-89GP Prototype Pollution in merge

All versions of package merge 2.1.1 are vulnerable to Prototype Pollution via recursiveMerge...

7.3CVSS7.2AI score0.01443EPSS
Exploits0References7
Snyk
Snyk
added 2020/11/22 3:13 p.m.4 views

Prototype Pollution

Overview merge is a library that allows you to merge multiple objects into one, optionally creating a new cloned object. Similar to the jQuery.extend but more flexible. Works in Node.js and the browser. Affected versions of this package are vulnerable to Prototype Pollution via recursiveMerge...

9.8CVSS9AI score0.01443EPSS
Exploits0References2
OSV
OSV
added 2018/11/01 2:45 p.m.2 views

GHSA-F9CM-QMX5-M98H Prototype Pollution in merge

Versions of merge before 1.2.1 are vulnerable to prototype pollution. The merge.recursive function can be tricked into adding or modifying properties of the Object prototype. Recommendation Update to version 1.2.1 or later...

7.5CVSS7.2AI score0.01678EPSS
Exploits1References4
OSV
OSV
added 2018/10/30 9:29 p.m.3 views

UBUNTU-CVE-2018-16469

The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...

7.5CVSS7.1AI score0.01678EPSS
Exploits1References4
Rows per page
Query Builder