9 matches found
CVE-2020-7643
paypal-adaptive through 0.4.2 manipulation of JavaScript objects resulting in Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a proto payload...
Malicious code in PayPalAdaрtiveAccoսntsSDK (NuGet)
--- -= Per source details. Do not edit below this line.=-...
dpd-paypal-ap (>=0.0.1 <=0.0.9), paypal-pay (=0.1.1) potentially affected by CVE-2020-7643 via paypal-adaptive (>=0.1.1 <=0.4.2)
paypal-adaptive NPM version =0.1.1, =0.0.1, =0.0.9 - paypal-pay =0.1.1 Source cves: CVE-2020-7643 Source advisory: OSV:GHSA-V3R2-3FP4-RP46...
GHSA-V3R2-3FP4-RP46 Prototype pollution in paypal-adaptive
paypal-adaptive through 0.4.2 manipulation of JavaScript objects resulting in Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a proto payload...
Prototype Pollution
paypal-adaptive is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the PayPal function...
paypal-adaptive unauthorized modification vulnerability
paypal-adaptive is a Paypal payment software development kit SDK. A security vulnerability exists in paypal-adaptive version 0.4.2 and earlier. An attacker can exploit the vulnerability to add or modify properties of Object.prototype with the help of the 'PayPal ' function...
CVE-2020-7643
paypal-adaptive through 0.4.2 manipulation of JavaScript objects resulting in Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a proto payload...
dpd-paypal-ap (>=0.0.1 <=0.0.9), paypal-pay (=0.1.1) potentially affected by CVE-2020-7643 via paypal-adaptive (>=0.1.1 <=0.4.2)
paypal-adaptive NPM version =0.1.1, =0.0.1, =0.0.9 - paypal-pay =0.1.1 Source cves: CVE-2020-7643 Source advisory: SNYK:JS-PAYPALADAPTIVE-565089...
Prototype Pollution
Overview paypal-adaptive is a sdk for Paypal Adaptive Payments and Paypal Adaptive Accounts APIs. Affected versions of this package are vulnerable to Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a proto payload. PoC var...