20 matches found
Exploit for Prototype Pollution in Substack Minimist
CVE-2020-7598 - Prototype Pollution in minimist Disclaimer...
MiracleLinux 7 : rh-nodejs14-nodejs-14.20.1-2.el7 (AXSA:2022-3900:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3900:01 advisory. nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection CVE-2021-4453...
EUVD-2020-0395
Malware in sbrugna...
EUVD-2022-1589
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-44906
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906 Note that Nessus relies on the presence of t...
@akaiv/core (>=1.2.6 <=1.8.3), @akaiv/discord-client (>=1.0.0 <=1.4.1) +3 more potentially affected by unknown CVE via minimst (=0.0.1-security)
minimst NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on minimst and may be impacted: - @akaiv/core =1.2.6, =1.0.0, =0.1.0, =0.4.0 - @akaiv/kakao-client =2.0.1 - netlify-minutes =0.1.0 Source cves: unknown CVE Source advisory...
SUSE CVE-2020-7598
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "proto" payload...
minimist: prototype pollution
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...
minimist: prototype pollution
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...
Prototype Pollution in minimist
Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
0.8.18-p11 (=0.8.18-p12), 0.extends.wechat (>=1.0.51 <=1.0.65) +10267 more potentially affected by CVE-2021-44906 via minimist (>=1.0.0 <=1.2.5)
minimist NPM version =1.0.0, =1.0.51, =2.3.0, =0.0.1, =1.0.0, =1.0.0, =0.0.2, =0.3.0, =0.1.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =1.0.6 and more Source cves: CVE-2021-44906 Source advisory: OSV:GHSA-XVCH-5GV4-984H...
CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
AZL-44583 CVE-2021-44906 affecting package js-jquery 3.5.0-4
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
Code injection
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
minimist 安全漏洞
minimist is a command-line parameter parsing tool. minimist suffers from a security vulnerability that stems from vulnerability to prototype contamination via the file index.js, function setKey. No details of the vulnerability are currently available...
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
A flaw was found in nodejs-minimist, where it was tricked into adding or modifying properties of the Object.prototype using a "constructor" or "proto" payload. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
01-numacert (>=1.0.0 <=3.0.0), 06-tekbooks (=0.1.0) +46665 more potentially affected by CVE-2020-7598 via minimist (>=0.0.10 <=0.2.0)
minimist NPM version =0.0.10, =1.0.0, =0.3.0, =0.0.15, =1.0.4, =1.0.0, =1.0.0, =1.0.1 - 20190403-utils =1.0.0 - 20231122-npm =1.0.0 and more Source cves: CVE-2020-7598 Source advisory: OSV:GHSA-VH95-RMGR-6W4M...
0.8.18-p11 (=0.8.18-p12), 0.extends.wechat (>=1.0.51 <=1.0.65) +9368 more potentially affected by CVE-2020-7598 via minimist (>=1.0.0 <=1.2.2)
minimist NPM version =1.0.0, =1.0.51, =0.0.1, =1.0.0, =0.0.2, =0.3.0, =0.1.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.1.2 and more Source cves: CVE-2020-7598 Source advisory: OSV:GHSA-VH95-RMGR-6W4M...
AZL-44115 CVE-2020-7598 affecting package js-jquery 3.5.0-4
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "proto" payload...
01-numacert (>=1.0.0 <=3.0.0), 06-tekbooks (=0.1.0) +46665 more potentially affected by CVE-2020-7598 via minimist (>=0.0.10 <=0.2.0)
minimist NPM version =0.0.10, =1.0.0, =0.3.0, =0.0.15, =1.0.4, =1.0.0, =1.0.0, =1.0.1 - 20190403-utils =1.0.0 - 20231122-npm =1.0.0 and more Source cves: CVE-2020-7598 Source advisory: SNYK:JS-MINIMIST-559764...