sds 安全漏洞

sds is a structured data search package. A security vulnerability exists in sds version 0.0.0 and later, which originates from a misuse of the set function located in js/set.js, where the library could be tricked into adding or modifying properties of Object.prototype...

Prototype Pollution

sds is vulnerable to prototype pollution. It accepts the injection of attributes to pollute the properties of the Object.prototype by the attacker using the set function in js/set.js,...

CVE-2020-7618

sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'...

Code injection

sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'...

CVE-2020-7618

sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'...

CVE-2020-7618

CVE-2020-7618 affects the sds package up to 3.2.0. The issue is Prototype Pollution via the set.js function, allowing manipulation of Object.prototype. Affected components: sds (monsterkodi/sds); root cause is unsafe prototype modification through js/set.js. Potential impact includes pollution of...

PT-2020-2798 · Sds · Sds

Name of the Vulnerable Software and Affected Versions: sds versions 0.0.0 through 3.2.0 Description: The issue is related to Prototype Pollution, where the library can be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. This is...