CVE-2020-7720

A flaw was found in nodejs-node-forge. A Prototype Pollution via the util.setPath function is possible...

CVE-2020-7720

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

CVE-2020-7720

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

DEBIAN-CVE-2020-7720

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

Design/Logic Flaw

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

UBUNTU-CVE-2020-7720

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

CVE-2020-7720

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

CVE-2020-7720 Prototype Pollution

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

CVE-2020-7720

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions...

CVE-2020-7720

CVE-2020-7720 is a prototype pollution vulnerability in the node-forge library (util.setPath) present in older node-forge releases. Multiple connected sources confirm that versions prior to 0.10.0 are affected, with 0.10.0 removing the vulnerable functions. Public risk scores in the sources range...

PT-2020-6071 · Node.Js · Node-Forge

Name of the Vulnerable Software and Affected Versions: node-forge versions prior to 0.10.0 Description: The issue is related to Prototype Pollution via the util.setPath function. This can allow a remote attacker to implement a prototype pollution attack by modifying object attributes...

Prototype Pollution

Overview node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities. Affected versions of this package are vulnerable to Prototype Pollution via the util.setPath function. Note: version 0.10.0 is a breaking change removing...

Regular Expression Denial Of Service (ReDoS)

node-forge is vulnerable to regular expression denial of service ReDoS attacks. The vulnerability is caused by a weak choice of regular expression regex groups and allows a given string to cause a huge performance slow down...