Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.35 views

EUVD-2021-2051

Malware in sbrugna...

9.8CVSS9.2AI score0.01084EPSS
Exploits1References6
vulnersOsv
vulnersOsvadded 2021/09/01 6:36 p.m.1 views

@breautek/storm (>=2.0.0 <=3.0.0-rc.0), create-react-solution (>=1.2.0 <=4.4.1) +2 more potentially affected by CVE-2021-23421 via merge-change (>=1.5.3 <=1.8.1)

merge-change NPM version =1.5.3, =2.0.0, =1.2.0, =1.5.0, =4.0.0, =4.4.1 Source cves: CVE-2021-23421 Source advisory: OSV:GHSA-F9CV-665R-275H...

9.8CVSS7.2AI score0.01084EPSS
Exploits1
OSV
OSVadded 2021/09/01 6:36 p.m.3 views

GHSA-F9CV-665R-275H Prototype Pollution in merge-change

All current versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function...

9.8CVSS7.2AI score0.01084EPSS
Exploits1References4
Github Security Blog
Github Security Blogadded 2021/09/01 6:36 p.m.33 views

Prototype Pollution in merge-change

All current versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function...

9.8CVSS5AI score0.01084EPSS
Exploits1References4Affected Software1
NVD
NVDadded 2021/08/11 6:15 p.m.13 views

CVE-2021-23421

All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function...

9.8CVSS0.01084EPSS
Exploits1References2
Prion
Prionadded 2021/08/11 6:15 p.m.13 views

Code injection

All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function...

7.5CVSS9.4AI score0.01084EPSS
Exploits1References2
CVE
CVEadded 2021/08/11 5:30 p.m.56 views

CVE-2021-23421

CVE-2021-23421 affects merge-change: all versions are vulnerable to Prototype Pollution via the utils.set function. The root cause is an unsafe recursive merge that can propagate pollution to Object.prototype when certain properties (e.g., proto ) are set or when the path-based API is abused. The...

9.8CVSS7.5AI score0.01084EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2021/08/11 5:30 p.m.14 views

CVE-2021-23421 Prototype Pollution

All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function...

5.6CVSS9.7AI score0.01084EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2021/08/11 5:25 p.m.4 views

CVE-2021-23421

All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function...

9.8CVSS5.3AI score0.01084EPSS
Exploits1References3
CNNVD
CNNVDadded 2021/08/11 12:0 a.m.4 views

merge-change 软件包安全漏洞

merge-change is an open source simple library for deep merging of objects and other types, also for patching and immutable new. The merge-change package has a security vulnerability that makes the package susceptible to prototype contamination via the utils.set function...

9.8CVSS8.3AI score0.01084EPSS
Exploits1References3
Snyk
Snykadded 2021/06/16 4:18 p.m.3 views

Prototype Pollution

Overview merge-change is a Deep merge of objects and other types, also for patches and immutable updates. Affected versions of this package are vulnerable to Prototype Pollution via the utils.set function. Details Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution...

9.8CVSS9AI score0.01084EPSS
Exploits1References2
Rows per page
Query Builder