14 matches found
Prototype Pollution
node-cube is vulnerable to Prototype Pollution. The vulnerability is due to improper validation of user-supplied input during the prototype chain initialization process, which allows an attacker to inject malicious properties into built-in object prototypes, potentially leading to denial of servi...
EUVD-2025-31069
Malicious code in bioql PyPI...
CVE-2025-57348
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
@orca-fe/datav-cli (>=2.8.3 <=2.9.4), datav-cli (>=0.0.1 <=2.12.3) +3 more potentially affected by CVE-2025-57348 via node-cube (>=0.0.10 <=5.0.0-beta.16)
node-cube NPM version =0.0.10, =2.8.3, =0.0.1, =1.0.2, =1.0.0, =0.0.1, =1.0.9 Source cves: CVE-2025-57348 Source advisory: OSV:GHSA-8V65-5FW5-23WJ...
GHSA-8V65-5FW5-23WJ node-cube vulnerable to prototype pollution
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
@orca-fe/datav-cli (>=2.8.3 <=2.9.4), @shuji-components/sjv-cli (=0.0.3) +4 more potentially affected by CVE-2025-57348 via node-cube (>=0.0.10 <=5.0.0-beta.28)
node-cube NPM version =0.0.10, =2.8.3, =0.0.1, =1.0.2, =1.0.0, =0.0.1, =1.0.9 Source cves: CVE-2025-57348 Source advisory: SNYK:JS-NODECUBE-13109830...
node-cube vulnerable to prototype pollution
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
Prototype Pollution
Overview node-cube is an a new way to write js in browser Affected versions of this package are vulnerable to Prototype Pollution via the resource initialization process. An attacker can inject properties into the prototype of built-in objects by supplying crafted input, potentially leading to...
CVE-2025-57348
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
CVE-2025-57348
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
CVE-2025-57348
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
CVE-2025-57348
The CVE-2025-57348 entry concerns the node-cube package before version 5.0.0, affected up to 5.0.0-beta.19. The root cause is improper validation during prototype chain initialization, enabling prototype pollution by injecting properties into built-in object prototypes. Documented impacts include...
CVE-2025-57348
The node-cube package prior to version 5.0.0 contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in objects. This issue, categorized under CWE-1321, arises from improper validation of...
PT-2025-39323
Name of the Vulnerable Software and Affected Versions node-cube versions prior to 5.0.0 Description The node-cube package has an issue in how it initializes the prototype chain, potentially allowing an attacker to add properties to the prototype of built-in objects. This occurs due to insufficien...