20 matches found
Exploit for Prototype Pollution in Substack Minimist
CVE-2020-7598 - Prototype Pollution in minimist Disclaimer...
MiracleLinux 7 : rh-nodejs14-nodejs-14.20.1-2.el7 (AXSA:2022-3900:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3900:01 advisory. nodejs: Improper handling of URI Subject Alternative Names CVE-2021-44531 nodejs: Certificate Verification Bypass via String Injection CVE-2021-4453...
EUVD-2020-0395
Malware in sbrugna...
EUVD-2022-1589
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-44906
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95. CVE-2021-44906 Note that Nessus relies on the presence of t...
@akaiv/core (>=1.2.6 <=1.8.3), @akaiv/discord-client (>=1.0.0 <=1.4.1) +3 more potentially affected by unknown CVE via minimst (=0.0.1-security)
minimst NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on minimst and may be impacted: - @akaiv/core =1.2.6, =1.0.0, =0.1.0, =0.4.0 - @akaiv/kakao-client =2.0.1 - netlify-minutes =0.1.0 Source cves: unknown CVE Source advisory...
SUSE CVE-2020-7598
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "proto" payload...
minimist: prototype pollution
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...
minimist: prototype pollution
An Uncontrolled Resource Consumption flaw was found in minimist. The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. This flaw CVE-2021-44906 allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using ...
0.8.18-p11 (=0.8.18-p12), 0.extends.wechat (>=1.0.51 <=1.0.65) +10267 more potentially affected by CVE-2021-44906 via minimist (>=1.0.0 <=1.2.5)
minimist NPM version =1.0.0, =1.0.51, =2.3.0, =0.0.1, =1.0.0, =1.0.0, =0.0.2, =0.3.0, =0.1.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =1.0.6 and more Source cves: CVE-2021-44906 Source advisory: OSV:GHSA-XVCH-5GV4-984H...
Prototype Pollution in minimist
Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
CVE-2021-44906
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
AZL-44583 CVE-2021-44906 affecting package js-jquery 3.5.0-4
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
Code injection
Minimist =1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey lines 69-95...
minimist 安全漏洞
minimist is a command-line parameter parsing tool. minimist suffers from a security vulnerability that stems from vulnerability to prototype contamination via the file index.js, function setKey. No details of the vulnerability are currently available...
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload
A flaw was found in nodejs-minimist, where it was tricked into adding or modifying properties of the Object.prototype using a "constructor" or "proto" payload. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
0.8.18-p11 (=0.8.18-p12), 0.extends.wechat (>=1.0.51 <=1.0.65) +9368 more potentially affected by CVE-2020-7598 via minimist (>=1.0.0 <=1.2.2)
minimist NPM version =1.0.0, =1.0.51, =0.0.1, =1.0.0, =0.0.2, =0.3.0, =0.1.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.1.2 and more Source cves: CVE-2020-7598 Source advisory: OSV:GHSA-VH95-RMGR-6W4M...
01-numacert (>=1.0.0 <=3.0.0), 06-tekbooks (=0.1.0) +46665 more potentially affected by CVE-2020-7598 via minimist (>=0.0.10 <=0.2.0)
minimist NPM version =0.0.10, =1.0.0, =0.3.0, =0.0.15, =1.0.4, =1.0.0, =1.0.0, =1.0.1 - 20190403-utils =1.0.0 - 20231122-npm =1.0.0 and more Source cves: CVE-2020-7598 Source advisory: OSV:GHSA-VH95-RMGR-6W4M...
AZL-44115 CVE-2020-7598 affecting package js-jquery 3.5.0-4
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "proto" payload...
01-numacert (>=1.0.0 <=3.0.0), 06-tekbooks (=0.1.0) +46665 more potentially affected by CVE-2020-7598 via minimist (>=0.0.10 <=0.2.0)
minimist NPM version =0.0.10, =1.0.0, =0.3.0, =0.0.15, =1.0.4, =1.0.0, =1.0.0, =1.0.1 - 20190403-utils =1.0.0 - 20231122-npm =1.0.0 and more Source cves: CVE-2020-7598 Source advisory: SNYK:JS-MINIMIST-559764...