EUVD-2021-1116

Malware in sbrugna...

Radashi 安全漏洞

Radashi is a modern, community-first TypeScript toolkit open-sourced by Radashi. A security vulnerability exists in Radashi versions prior to 12.5.1 that stems from the set function being vulnerable to prototype contamination attacks...

UBUNTU-CVE-2023-26132

Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set function and the current variable in the /dottie.js file...

CVE-2022-25862

This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618...

The vulnerability of the set function in the object-path library of the Aurora Application Software Center, related to uncontrolled changes to prototype attributes of objects, allows attackers to execute a “prototype pollution” attack.

The vulnerability of the set function in the object-path library of the Aurora application software is related to uncontrolled changes in object prototypes’ attributes. Exploiting this vulnerability could allow a malicious actor to execute an “infection of the prototype” attack...

GHSA-JH2M-J8PP-55RC Prototype Pollution in gedi

All versions of package gedi up to and including version 1.6.3 are vulnerable to Prototype Pollution via the set function...

The vulnerability of the set function in the structured data search package SDS of the package manager NPM allows a attacker to execute arbitrary code.

The vulnerability of the set function in the structured data search package SDS of the package manager NPM arises due to insufficient cleaning of the data provided by users. Exploiting this vulnerability can allow an attacker to execute arbitrary code...