GHSA-H8HF-X3F4-XWGP Mongoose Vulnerable to Prototype Pollution in Schema Object

Description Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Affected versions of this package are vulnerable to Prototype Pollution. The Schema.path function is vulnerable to prototype pollution when setting the schema object. This vulnerability allows...

GHSA-F825-F98C-GJ3G automattic/mongoose vulnerable to Prototype pollution via Schema.path

Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Affected versions of this package are vulnerable to Prototype Pollution. The Schema.path function is vulnerable to prototype pollution when setting the schema object. This vulnerability allows modification...

PT-2022-17426 · Mongoose · Mongoose

Name of the Vulnerable Software and Affected Versions: mongoose versions prior to 6.4.6 Description: The issue concerns a Prototype Pollution vulnerability in the mongoose package, a MongoDB object modeling tool. This vulnerability affects the Schema.path function, allowing modification of the...

Automattic Mongoose 安全漏洞

Automattic Mongoose is a MongoDB object modeling tool for asynchronous environments. A security vulnerability exists in Automattic Mongoose versions prior to 6.4.6, which stems from the Schema.path function being susceptible to prototype contamination when setting up schema objects, which can be...