EUVD-2024-53516

Malicious code in bioql PyPI...

Prototype Pollution

module-from-string is vulnerable to Prototype pollution. The vulnerability is due to improper handling of user-supplied input in the lib.requireFromString function, allowing attackers to supply a crafted payload, leading to a Denial of Service DoS...

CVE-2024-57072

A prototype pollution in the lib.requireFromString function of module-from-string v3.3.1 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

module-from-string prototype pollution

A prototype pollution in the lib.requireFromString function of module-from-string v3.3.1 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

@alvori/app (>=1.0.0-beta.11 <=1.0.0-beta.12), @enhanced-dom/intl (>=0.0.1 <=0.2.0) +112 more potentially affected by CVE-2024-57072 via module-from-string (>=2.3.0 <=3.3.1)

module-from-string NPM version =2.3.0, =1.0.0-beta.11, =0.0.1, =0.0.2, =0.0.1, =0.0.1, =0.0.2, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.1.1, =0.2.3 and more Source cves: CVE-2024-57072 Source advisory: OSV:GHSA-Q5J8-9M9G-X2JH...

GHSA-Q5J8-9M9G-X2JH module-from-string prototype pollution

A prototype pollution in the lib.requireFromString function of module-from-string v3.3.1 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

CVE-2024-57072

A prototype pollution in the lib.requireFromString function of module-from-string v3.3.1 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

CVE-2024-57072

CVE-2024-57072 affects the module-from-string package (version 3.3.1) via a prototype pollution flaw in the lib.requireFromString function that can cause a Denial of Service (DoS) when a crafted payload is supplied. Exploitation status is not detailed in the provided documents. Remediation guidan...

CVE-2024-57072

A prototype pollution in the lib.requireFromString function of module-from-string v3.3.1 allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

module-from-string 安全漏洞

module-from-string is a library by the individual developer Xuanbo Cheng. A security vulnerability exists in module-from-string version v3.3.1, which stems from a prototype contamination vulnerability in the lib.requireFromString function...

PT-2025-5771 · Unknown · Module-From-String

Name of the Vulnerable Software and Affected Versions: module-from-string version 3.3.1 Description: A prototype pollution in the lib.requireFromString function allows attackers to cause a Denial of Service DoS via supplying a crafted payload. Recommendations: For module-from-string version 3.3.1...