Prototype Pollution in object-path

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'. The del function fails to validate which Object properties it deletes. This allows attackers to modify the prototype of Object, causing the modification of default properties like...

CVE-2021-3805

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

DEBIAN-CVE-2021-3805

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

CVE-2021-3805

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

UBUNTU-CVE-2021-3805

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

CVE-2021-3805

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

object-path 安全漏洞

object-path is an Npm library for individual developers to access variables in data structures via paths. A security vulnerability exists in object-path, which stems from the vulnerability of object paths to uncontrolled modification of object prototype attributes prototype contamination...

CVE-2021-3805 Prototype Pollution in mariocasciaro/object-path

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

CVE-2021-3805

CVE-2021-3805 concerns the Node.js library object-path , vulnerable to a prototype pollution flaw. The Root Cause cited in multiple sources is improper modification of Object.prototype attributes, specifically via the del() function when using inherited props (includeInheritedProps). Several conn...

CVE-2021-3805

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

PT-2021-21941 · Npm +2 · Object-Path +2

Name of the Vulnerable Software and Affected Versions: object-path affected versions not specified Description: The issue is related to Improperly Controlled Modification of Object Prototype Attributes, also known as 'Prototype Pollution'. This occurs because the del function does not properly...

Prototype Pollution in mariocasciaro/object-path

Description object-path package is vulnerable to Prototype Pollution. The del function fails to validate which Object properties it deletes. This allows attackers to modify the prototype of Object, causing the modification of default properties like toString on all objects. Proof of Concept Creat...

GHSA-V39P-96QG-C8RF Prototype Pollution in object-path

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0x0.icu.anima (=0.1.0) +5585 more potentially affected by CVE-2021-23434 via object-path (>=0.0.1 <=0.11.5)

object-path NPM version =0.0.1, =1.0.1, =8.4.2, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =1.0.0, =0.0.1, =0.0.22 - @0soft/zero-material-ui =0.0.23-alpha.3 and more Source cves: CVE-2021-23434 Source advisory: OSV:GHSA-V39P-96QG-C8RF...

Prototype Pollution in object-path

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

CVE-2021-23434

Prototype pollution has been discovered in object-path NodeJS library. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'...

Object-path has an unspecified vulnerability

object-path is a personal developer's Npm library for accessing variables in data structures via paths. object-path versions prior to 0.11.6 have a security vulnerability that results from a type obfuscation vulnerability when the path component used in the path parameter is an array. No details ...

Prototype Pollution

object-path is vulnerable to prototype pollution. The vulnerability exists due to type confusion when the path components used in the path parameter are arrays...

CVE-2021-23434

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...

CVE-2021-23434

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath === 'proto' returns false if currentPath is 'proto'. This is because t...