4 matches found
EUVD-2021-2500
Malware in sbrugna...
CVE-2021-25953
Prototype pollution vulnerability in 'putil-merge' versions1.0.0 through 3.6.6 allows attacker to cause a denial of service and may lead to remote code execution...
@cscharpf/minio-client-versioned (>=1.0.0 <=1.0.8), @iliad.dev/strapi-adapter (>=0.0.43 <=0.2.2) +46 more potentially affected by CVE-2021-23470 via putil-merge (>=1.2.0 <=3.13.0)
putil-merge NPM version =1.2.0, =1.0.0, =0.0.43, =0.6.0, =0.12.0, =0.6.0, =0.6.0, =0.6.0, =1.0.0-beta.3, =0.6.0, =0.10.0, =0.6.0, =0.93.1, =4.0.1, =4.0.1, =5.0.4 and more Source cves: CVE-2021-23470 Source advisory: OSV:GHSA-4G77-CVGW-GRVW...
@cscharpf/minio-client-versioned (>=1.0.0 <=1.0.8), @iliad.dev/strapi-adapter (>=0.0.43 <=0.2.2) +46 more potentially affected by CVE-2021-23470 via putil-merge (=3.13.0)
putil-merge NPM version =3.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on putil-merge and may be impacted: - @cscharpf/minio-client-versioned =1.0.0, =0.0.43, =0.6.0, =0.12.0, =0.6.0, =0.6.0, =0.6.0, =1.0.0-beta.3, =0.6.0, =0.10.0, =0.6.0, =0.93....