3 matches found
GHSA-3XGX-R9J4-QW9W Prototype Pollution in Dexie
Dexie is a minimalistic wrapper for IndexedDB. The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPathobj, keyPath, value function which does not properly check the keys being set like proto or constructor. This c...
CVE-2022-21189
The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPathobj, keyPath, value function which does not properly check the keys being set like proto or constructor. This can allow an attacker to add/modify properties o...
Prototype Pollution
Overview Affected versions of this package are vulnerable to Prototype Pollution in the Dexie.setByKeyPathobj, keyPath, value function which does not properly check the keys being set like proto or constructor. This can allow an attacker to add/modify properties of the Object.prototype leading to...