25 matches found
EUVD-2022-6167
Malicious code in bioql PyPI...
EUVD-2022-1121
Malicious code in bioql PyPI...
Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
GHSA-VVV8-XW5F-3F88 Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
Design/Logic Flaw
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213
CVE-2022-21213 affects all versions of the Mout package. The vulnerability arises in deepFillIn and deepMixIn, which recursively access target objects without validating the keys used to reach nested properties, enabling prototype pollution. The issue traces to an incomplete fix of CVE-2020-7792....
CVE-2022-21213 Prototype Pollution
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
CVE-2022-21213
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively...
Mout 安全漏洞
Mout is a Javascript-based codebase from the Mout team that provides modular support for JS programming. A security vulnerability exists in Mout, which stems from the fact that the deepFillIn function used to "fill missing properties recursively" while deepMixIn mixes objects into the target obje...
08cms (=1.0.0), 1 (>=0.0.2 <=0.1.2) +2287 more potentially affected by CVE-2020-7792 via mout (>=0.10.0 <=1.2.2)
mout NPM version =0.10.0, =0.0.2, =0.0.2, =3.0.0, =1.0.0, =0.0.1, =1.0.0, =1.3.2, =1.0.0, =1.0.0, =1.0.1, =0.1.16, =1.2.1, =0.1.12-alpha.0, =2.4.10, =2.11.0 and more Source cves: CVE-2020-7792 Source advisory: OSV:GHSA-PC58-WGMC-HFJR...
Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
GHSA-PC58-WGMC-HFJR Prototype Pollution in mout
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
@camptocamp/closure-util (>=1.23.0 <=1.27.0), @descartes/d-editmap (=6.0.0) +131 more potentially affected by CVE-2020-7792 +1 more via mout (>=1.0.0 <=1.2.3)
mout NPM version =1.0.0, =1.23.0, =0.12.2, =1.36.0, =0.0.1, =1.0.0, =0.1.1, =0.1.0, =2.94.2, =0.3.0, =1.3.0, =1.8.0 and more Source cves: CVE-2020-7792, CVE-2022-21213 Source advisory: SNYK:JS-MOUT-2342654...
Prototype Pollution
Overview mout is a Modular Utilities Affected versions of this package are vulnerable to Prototype Pollution. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. ...
Prototype Pollution
mout is vulnerable to prototype pollution. An attacker is able to fill missing properties recursively via deepFillIn and mixes objects into the target existing child objects object recursively using deepMixIn as those functions do not validate the key to access the target object recursively...
Prototype Pollution in mout/mout
Description mout is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var mout = require"mout" var obj = console.log"Before : " + .polluted; mout.object.setobj,'proto.polluted','Yes! Its Polluted'; console.log"After : " + .polluted; 2. Execute the...
CVE-2020-7792
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...
CVE-2020-7792
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursive...