The vulnerability of Mozilla Convict’s library involves uncontrolled changes to object prototype attributes, allowing attackers to execute arbitrary code.

The vulnerability of the Mozilla Convict library is related to uncontrolled changes to object prototype attributes. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2023-0163 Prototype Pollution in convict

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in Mozilla Convict. This allows an attacker to inject attributes that are used in other components, or to override existing attributes with ones that have incompatible type, which may lead to a...

CVE-2023-0163 Prototype Pollution in convict

Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability in Mozilla Convict. This allows an attacker to inject attributes that are used in other components, or to override existing attributes with ones that have incompatible type, which may lead to a...

PT-2023-9752 · Mozilla · Convict

Name of the Vulnerable Software and Affected Versions: Mozilla Convict versions prior to 6.2.4 Description: The issue is related to improperly controlled modification of object prototype attributes, also known as "prototype pollution." This allows an attacker to inject attributes that are used in...