15 matches found
Prototype Pollution
toggle-array is vulnerable to Prototype Pollution. The vulnerability is due to improper input validation in the enable and disable functions, which allows an attacker to supply a crafted payload and inject properties into the Object.prototype, potentially leading to denial of service DoS or...
EUVD-2025-31062
Malicious code in bioql PyPI...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
PT-2025-39684
🔴 https://t.co/GlL5deDG8n toggle-array Prototype Pollution Vulnerability CVE-2025-42505 Low Severity...
4d-oled (>=1.0.0 <=1.0.2), @abb92/holidates (>=1.0.0 <=1.0.1) +974 more potentially affected by CVE-2025-57328 via toggle-array (>=0.1.0 <=1.0.1)
toggle-array NPM version =0.1.0, =1.0.0, =1.0.0, =5.0.0, =4.0.2, =0.0.0-snapshot-ZERO-3343-20250425065225, =0.8.1-beta.2, =0.1.0, =0.1.1-a, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.11.0 and more Source cves: CVE-2025-57328 Source advisory: OSV:GHSA-34Q3-8X9V-J957...
4d-oled (>=1.0.0 <=1.0.2), @abb92/holidates (>=1.0.0 <=1.0.1) +974 more potentially affected by CVE-2025-57328 via toggle-array (>=0.1.0 <=1.0.1)
toggle-array NPM version =0.1.0, =1.0.0, =1.0.0, =5.0.0, =4.0.2, =0.0.0-snapshot-ZERO-3343-20250425065225, =0.8.1-beta.2, =0.1.0, =0.1.1-a, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.11.0 and more Source cves: CVE-2025-57328 Source advisory: SNYK:JS-TOGGLEARRAY-13110016...
GHSA-34Q3-8X9V-J957 toggle-array vulnerable to prototype pollution
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
Prototype Pollution
Overview toggle-array is an In an array of objects, this enables a property on the object at the specified index, while disabling the property on all other objects. Affected versions of this package are vulnerable to Prototype Pollution via the enable and disable functions. An attacker can modify...
toggle-array vulnerable to prototype pollution
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
CVE-2025-57328
toggle-array is a package designed to enables a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
toggle-array 安全漏洞
toggle-array is a js library by the individual developer Jon Schlinkert. A security vulnerability exists in toggle-array 1.0.1 and earlier versions, which stems from prototype contamination in the enable and disable functions, which could lead to a denial of service attack...
CVE-2025-57328
CVE-2025-57328 — toggle-array prototype pollution is a vulnerability in the toggle-array package (v1.0.1 and earlier) where the enable and disable functions can inject properties onto Object.prototype, enabling prototype pollution and causing denial of service. Affected: toggle-array; vulnerabili...