11 matches found
EUVD-2025-31070
Malicious code in bioql PyPI...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
algeb (>=1.0.0 <=5.4.0), anys (>=0.0.1 <=9.0.0) +37 more potentially affected by CVE-2025-57351 via ts-fns (>=0.0.11 <=9.3.2)
ts-fns NPM version =0.0.11, =1.0.0, =0.0.1, =0.0.1, =1.1.0, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2, =9.0.0 and more Source cves: CVE-2025-57351 Source advisory: SNYK:JS-TSFNS-13109930...
algeb (>=3.0.0 <=5.4.0), anys (>=0.0.1 <=9.0.0) +32 more potentially affected by CVE-2025-57351 via ts-fns (>=0.0.11 <=13.1.3)
ts-fns NPM version =0.0.11, =3.0.0, =0.0.1, =0.0.1, =1.1.0, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2, =9.0.0 and more Source cves: CVE-2025-57351 Source advisory: OSV:GHSA-G7WQ-WGGW-VMHG...
Prototype Pollution
Overview ts-fns is a Public Functions. Affected versions of this package are vulnerable to Prototype Pollution via the assign function. An attacker can inject arbitrary properties into the global object's prototype by supplying crafted keys, which may result in application crashes, unexpected cod...
GHSA-G7WQ-WGGW-VMHG ts-fns has prototype pollution vulnerability
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
ts-fns 安全漏洞
ts-fns is a java library by tangshuang personal developer. A security vulnerability exists in ts-fns versions prior to 13.0.7, which stems from insufficient validation of user-supplied keys by the assign function and could lead to a prototype pollution attack...
PT-2025-39324
Name of the Vulnerable Software and Affected Versions ts-fns versions prior to 13.0.7 Description A prototype pollution issue exists due to inadequate validation of user-supplied keys within the assign function. This allows manipulation of the Object.prototype chain. Attackers can inject arbitrar...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...