3 matches found
Prototype Pollution
Overview ts-fns is a Public Functions. Affected versions of this package are vulnerable to Prototype Pollution via the assign function. An attacker can inject arbitrary properties into the global object's prototype by supplying crafted keys, which may result in application crashes, unexpected cod...
Prototype Pollution
Overview promisehelpers is a Promise helper functions Affected versions of this package are vulnerable to Prototype Pollution via the insert function. POC: const promisehelpers = require'promisehelpers'; var obj = ; promisehelpers.insert'proto', 'polluted', trueobj; console.logpolluted; // true...
Prototype Pollution
Overview grpc is a gRPC Library for Node Affected versions of this package are vulnerable to Prototype Pollution via loadPackageDefinition. POC: const loadPackageDefinition = require'grpc'; loadPackageDefinition'proto.polluted': true; console.logpolluted; Details Prototype Pollution is a...