10 matches found
EUVD-2021-2106
Malware in sbrugna...
CVE-2021-3766
objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
objection.js Prototype Pollution vulnerability
objection.js prior to version 2.2.16 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'. This issue is patched in version 2.2.16...
GHSA-R659-8XFP-J327 objection.js Prototype Pollution vulnerability
objection.js prior to version 2.2.16 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'. This issue is patched in version 2.2.16...
CVE-2021-3766
objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
CVE-2021-3766
objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
Code injection
objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
CVE-2021-3766 Prototype Pollution in vincit/objection.js
objection.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...
CVE-2021-3766
CVE-2021-3766 : A prototype pollution vulnerability in objection.js (vincit/objection.js) allows improper modification of Object.prototype attributes. Affected versions prior to 2.2.16 are vulnerable; the issue is patched in 2.2.16. Impact details in connected records indicate high/critical sever...
Prototype Pollution in vincit/objection.js
✍️ Description objection package is vulnerable to Prototype Pollution. 🕵️♂️ Proof of Concept Create the following PoC file: // poc.js var set = require"objection/lib/utils/objectUtils" let obj = console.log"Before: " + .polluted setobj, 'proto', 'polluted', 'Yes! Its Polluted' console.log"After: "...