Prototype Pollution

Overview simpl-schema is a schema validation package that supports direct validation of MongoDB update modifier objects. Affected versions of this package are vulnerable to Prototype Pollution. PoC const SimpleSchema = require"simpl-schema".default; let obj = ; console.log"Before : " +...

[SECURITY] [DLA 588-2] mongodb security update

Package : mongodb Version : 2.0.6-1+deb7u1 CVE ID : CVE-2016-6494 Debian Bug : 832908, 833087 This is an update of DLA-558-1. The previous build had revision number that was considered lower than the one in wheezy and was therefore not installed at upgrade. The text for DLA-558-1 is included here...