EUVD-2021-1417

Malware in sbrugna...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

Prototype pollution in safe-obj

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

app.io (>=0.0.1 <=0.0.4), barbakoa (>=0.0.1 <=0.0.17) +21 more potentially affected by CVE-2021-25928 via safe-obj (=1.0.2)

safe-obj NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on safe-obj and may be impacted: - app.io =0.0.1, =0.0.1, =0.4.0, =0.0.5, =0.0.1, =1.0.0, =1.0.0, =0.2.1, =1.0.0, =0.6.5, =0.3.0, =1.0.1, =1.0.0, =1.0.0, =1.2.2 and more Source...

Prototype Pollution

safe-obj is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

Remote code execution

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25928

CVE-2021-25928 concerns a prototype pollution vulnerability in the npm package ‘safe-obj’ affecting versions 1.0.0 through 1.0.2. The issue allows an attacker to cause a denial of service and may lead to remote code execution via prototype pollution. Several connected sources corroborate the impa...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

CVE-2021-25928

Prototype pollution vulnerability in 'safe-obj' versions 1.0.0 through 1.0.2 allows an attacker to cause a denial of service and may lead to remote code execution...

safe-obj 安全漏洞

A security vulnerability exists in safe-obj versions 1.0.0 through 1.0.2 that can be exploited by an attacker to cause a denial of service and possibly remote code execution...

Prototype Pollution in tandrewnichols/safe-obj

Description safe-obj is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js var safeObj = require"safe-obj" var obj = ; console.log"Before: " + .polluted safeObj.expandobj, "proto.polluted", true console.log"After: " + .polluted 2. Execute th...