merge 安全漏洞

“merge” is a recursive object merging tool developed by brikcss. Versions of “merge” prior to 1.3.0 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of parameters like proto/constructor.prototype/prototype, which could lead to improper modification of objec...

Malicious Package

Overview json-merge-tool is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in json-merge-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f16e8d9c37feb30d5a44f7a94620c3a09d182a34cd5ccc1e7c97aaf4a991ab10 The package json-merge-tool was found to contain malicious code. Source: ghsa-malware 4bb041118bdac1123bd722a9b1f99ddb6ca406f7ce80d5de344b2c36614b89e...

MAL-2026-1297 Malicious code in json-merge-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f16e8d9c37feb30d5a44f7a94620c3a09d182a34cd5ccc1e7c97aaf4a991ab10 The package json-merge-tool was found to contain malicious code. Source: ghsa-malware 4bb041118bdac1123bd722a9b1f99ddb6ca406f7ce80d5de344b2c36614b89e...

OS Command Injection

Overview Affected versions of this package are vulnerable to OS Command Injection via the merge tool. An attacker can execute arbitrary commands by supplying crafted input that is improperly handled during the construction of commands. Remediation Upgrade thor to version 1.4.0 or higher. Referenc...

merge 安全漏洞

merge is a tool for recursively merging JavaScript objects. A security vulnerability exists in @ianwalter/merge, which stems from the package's susceptibility to prototype contamination via the main merge function...

CVE-2002-0619

The CVE-2002-0619 entry concerns Microsoft Word 2002 for Windows, where the Mail Merge Tool—when Microsoft Access is installed—allows remote attackers to run VBA scripts embedded in an HTML mail-merge document. This is identified as a variant of MS00-071 (CVE-2000-0788). Affected component: Word’...

CVE-2002-0619

The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic VBA scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" CVE-2000-0788...

CVE-2002-0619

The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic VBA scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" CVE-2000-0788...

CVE-2000-0788

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic VBA scripts in an Access database, which could allow an attacker to execute arbitrary commands...