11 matches found
EUVD-2018-0749
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-16469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be...
CLSA-2025-1748629384 Update of less
Merge package with 458-10 release...
PT-2021-11555
Name of the Vulnerable Software and Affected Versions: merge versions prior to 2.1.1 Description: The issue concerns Prototype Pollution via the recursiveMerge function. This affects the merge package, potentially allowing for malicious modifications to the prototype. Recommendations: For version...
merge package denial of service vulnerability
The merge package is a package for merging multiple objects into one. A security vulnerability exists in the 'merge.recursive' function in merge package versions prior to 1.2. An attacker can exploit this vulnerability to cause a denial of service...
CVE-2018-16469
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...
Design/Logic Flaw
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...
CVE-2018-16469
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...
CVE-2018-16469
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...
CVE-2018-16469
CVE-2018-16469 affects the merge package before version 1.2.1. The vulnerability arises in the merge.recursive function, which can be tricked into adding or modifying properties of Object.prototype. These polluted properties become present on all objects, potentially enabling a denial-of-service ...
CVE-2018-16469
The merge.recursive function in the merge package 1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack...