22 matches found
CVE-2021-28860
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential...
EUVD-2022-1163
Malicious code in bioql PyPI...
Prototype Pollution
mixme is vulnerable to prototype pollution. The function mutate and merge allows an attacker to get control of value of “path” and modify attributes such as proto, constructor and prototype...
@asephermann/capacitor-filechooser (=0.0.1), @jewel998/mock-location (>=0.0.9 <=0.0.10) +53 more potentially affected by CVE-2021-28860 via mixme (>=0.0.1 <=0.4.0)
mixme NPM version =0.0.1, =0.0.9, =1.0.1, =0.0.1, =0.9.3, =0.0.1-alpha.1, =0.9.7, =0.8.1, =0.0.1, =0.2.1, =0.0.2, =0.0.2-alpha.1 and more Source cves: CVE-2021-28860 Source advisory: OSV:GHSA-R5CQ-9537-9RPF...
Prototype Pollution in mixme
Node.js mixme 0.5.0, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of servic...
GHSA-R5CQ-9537-9RPF Prototype Pollution in mixme
Node.js mixme 0.5.0, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of servic...
0z_export (>=1.0.0 <=1.0.102), 1cli (>=0.0.1 <=0.0.2) +1502 more potentially affected by unknown CVE via mixme (>=0.0.1 <=0.5.10)
mixme NPM version =0.0.1, =1.0.0, =0.0.1, =1.0.0, =4.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =3.1.2, =1.3.0, =0.0.0-snapshot-20260427171625, =2.26.1-next.0, =0.0.9, =0.0.30 and more Source cves: unknown CVE Source advisory: OSV:GHSA-84P7-FH9C-6G8H...
GHSA-84P7-FH9C-6G8H Prototype Pollution in mixme
Impact When copying properties from a source object to a target object, the target object can gain access to certain properties of the source object and modify their content. Patches The problem was patch with a more agressive discovery of secured properties to filter out...
Prototype Pollution in mixme
Impact When copying properties from a source object to a target object, the target object can gain access to certain properties of the source object and modify their content. Patches The problem was patch with a more agressive discovery of secured properties to filter out...
Npm mixme has a denial of service vulnerability
Npm mixme is an application from the American company Npm. It is used to recursively merge multiple objects. The last object takes precedence over previous objects. A security vulnerability exists in Npm mixme version v0.5.0, which can be exploited by an attacker to add or modify properties of an...
Prototype Pollution
Overview Impact In affected versions of mixme an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a...
@asephermann/capacitor-filechooser (=0.0.1), @jewel998/mock-location (>=0.0.9 <=0.0.10) +53 more potentially affected by CVE-2021-28860 +1 more via mixme (>=0.0.1 <=0.4.0)
mixme NPM version =0.0.1, =0.0.9, =1.0.1, =0.0.1, =0.9.3, =0.0.1-alpha.1, =0.9.7, =0.8.1, =0.0.1, =0.2.1, =0.0.2, =0.0.2-alpha.1 and more Source cves: CVE-2021-28860, CVE-2021-29491 Source advisory: OSV:GHSA-79JW-6WG7-R9G4...
Use of Potentially Dangerous Function in mixme
Impact In Node.js mixme v0.5.0, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denia...
GHSA-79JW-6WG7-R9G4 Use of Potentially Dangerous Function in mixme
Impact In Node.js mixme v0.5.0, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denia...
编号撤回
Npm mixme is an application from the American company Npm. It is used to recursively merge multiple objects. The last object takes precedence over previous objects. A security vulnerability exists in Npm mixme version v0.5.0, which can be exploited by an attacker to add or modify properties of an...
CVE-2021-28860
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential...
CVE-2021-28860
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential...
Design/Logic Flaw
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential...
CVE-2021-28860
The data shows a prototype pollution flaw in Node.js mixme prior to version 0.5.1. Through mutate() and merge(), an attacker can set or alter properties on objects via proto , causing a polluted attribute to be copied into every object in the program and potentially leading to denial of service (...
CVE-2021-28860
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via 'proto' through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential...