EUVD-2023-3246

Malicious code in bioql PyPI...

CVE-2023-26158

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

mockjs vulnerable to Prototype Pollution via the Util.extend function

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

1.5fabao (=1.0.0), 11-3-address-ly (>=1.0.0 <=1.0.2) +2363 more potentially affected by CVE-2023-26158 via mockjs (>=0.1.1 <=1.1.0)

mockjs NPM version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.0.5, =0.0.3, =1.0.0, =0.1.1, =0.2.0 and more Source cves: CVE-2023-26158 Source advisory: OSV:GHSA-MH8J-9JVH-GJF6...

GHSA-MH8J-9JVH-GJF6 mockjs vulnerable to Prototype Pollution via the Util.extend function

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

CVE-2023-26158

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

CVE-2023-26158

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

Design/Logic Flaw

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

CVE-2023-26158

All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...

CVE-2023-26158

The CVE-2023-26158 entries describe a Prototype Pollution vulnerability in mockjs via the Util.extend function. Affected are the Mock.js components that use extend (Util.extend, including Mock.Handler, Mock.Random, Mock.RE.Handler, and Mock.Util). The root cause is unsafe merging that can assign ...

PT-2023-20535 · Mockjs · Mockjs

Name of the Vulnerable Software and Affected Versions: mockjs versions prior to a version with the fixed Util.extend function Description: The issue arises from a missing check in the Util.extend function, allowing Prototype Pollution. This occurs when an attribute resolves to the object prototyp...

Prototype Pollution

Overview mockjs is a simulation data generator to help the front-end to develop and prototype separate from the back-end progress and reduce some monotony particularly while writing automated tests. Affected versions of this package are vulnerable to Prototype Pollution via the Util.extend functi...

1.5fabao (=1.0.0), 11-3-address-ly (>=1.0.0 <=1.0.2) +2363 more potentially affected by CVE-2023-26158 via mockjs (>=0.1.1 <=1.1.0)

mockjs NPM version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.0.5, =0.0.3, =1.0.0, =0.1.1, =0.2.0 and more Source cves: CVE-2023-26158 Source advisory: SNYK:JS-MOCKJS-6051365...