16 matches found
Prototype Pollution
spmrc is vulnerable to Prototype Pollution. The vulnerability is due to improper input validation in the set and config functions, which allows an attacker to supply a crafted payload to inject properties on Object.prototype, leading to denial of service DoS or other unexpected behaviors...
EUVD-2025-31058
Malicious code in bioql PyPI...
CVE-2025-57327
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...
PT-2025-39686
🟠 https://t.co/K1gep42ZWg spmrc, Prototype Pollution, CVE-2025-45628 Low...
acharts (=1.0.34), amb (>=2.1.1 <=2.1.3) +48 more potentially affected by CVE-2025-57327 via spmrc (>=0.1.0 <=1.2.0)
spmrc NPM version =0.1.0, =2.1.1, =1.4.1, =0.1.0, =0.2.0, =0.2.0, =0.1.0, =0.1.3, =0.5.8, =0.0.1, =0.2.1, =0.5.12 and more Source cves: CVE-2025-57327 Source advisory: OSV:GHSA-R2RV-8PP3-65XW...
Prototype Pollution
Overview spmrc is a spmrc Affected versions of this package are vulnerable to Prototype Pollution via the set and config functions. An attacker can inject arbitrary properties into Object.prototype by supplying a crafted payload, potentially causing application instability or denial of service...
acharts (=1.0.34), amb (>=2.1.1 <=2.1.3) +48 more potentially affected by CVE-2025-57327 via spmrc (>=0.1.0 <=1.2.0)
spmrc NPM version =0.1.0, =2.1.1, =1.4.1, =0.1.0, =0.2.0, =0.2.0, =0.1.0, =0.1.3, =0.5.8, =0.0.1, =0.2.1, =0.5.12 and more Source cves: CVE-2025-57327 Source advisory: SNYK:JS-SPMRC-13110015...
spmrc vulnerable to prototype pollution
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...
GHSA-R2RV-8PP3-65XW spmrc vulnerable to prototype pollution
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...
CVE-2025-57327
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...
CVE-2025-57327
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...
PT-2025-39336
Name of the Vulnerable Software and Affected Versions spmrc versions prior to 1.2.0 Description spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability exists in the set and config functions. This allows attackers to inject properties on Object.prototype by...
CVE-2025-57327
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...
CVE-2025-57327
CVE-2025-57327 affects the spmrc package (rc manager for spm) and describes a Prototype Pollution vulnerability in the set and config functions. The vulnerability lets an attacker inject properties into Object.prototype via a crafted payload, with the minimum consequence being Denial of Service. ...
spmrc 安全漏洞
spmrc is an open source spmrc management library from Static Package Manager. A security vulnerability exists in spmrc 1.2.0 and earlier versions, which stems from prototype contamination of the set and config functions, which allows an attacker to inject attributes via a specially crafted payloa...
CVE-2025-57327
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service DoS as the minimum...