CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-2452

Malware in sbrugna...

9.8CVSS9.4AI score0.0053EPSS

Exploits1References6

Github Security Blog•added 2021/12/10 6:53 p.m.•21 views

Prototype Pollution in ts-nodash

ts-nodash before version 1.2.7 is vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

9.8CVSS4.9AI score0.0053EPSS

Exploits1References5Affected Software1

OSV•added 2021/12/10 6:53 p.m.•14 views

GHSA-5XJX-4XCM-HPCM Prototype Pollution in ts-nodash

ts-nodash before version 1.2.7 is vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

7.3CVSS9.5AI score0.0053EPSS

Exploits1References5

CNVD•added 2021/07/06 12:0 a.m.•12 views

Unspecified vulnerability in ts-nodash

ts-nodash is a tool that provides object manipulation. A security vulnerability exists in ts-nodash that stems from a lack of validated input, and all versions of package -nodash are vulnerable to prototype contamination via the Merge function. No detailed vulnerability details are provided at th...

9.8CVSS6.7AI score0.0053EPSS

Exploits1References1

OSV•added 2021/07/02 5:15 p.m.•2 views

CVE-2021-23403

All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

9.8CVSS7.3AI score0.0053EPSS

Exploits1References2

NVD•added 2021/07/02 5:15 p.m.•8 views

CVE-2021-23403

All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

9.8CVSS0.0053EPSS

Exploits1References2

Prion•added 2021/07/02 5:15 p.m.•14 views

Input validation

All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

7.5CVSS9.4AI score0.0053EPSS

Exploits1References2

Cvelist•added 2021/07/02 4:10 p.m.•9 views

CVE-2021-23403 Prototype Pollution

All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

7.3CVSS9.7AI score0.0053EPSS

Exploits1References2

CVE•added 2021/07/02 4:10 p.m.•69 views

CVE-2021-23403

CVE-2021-23403 affects the npm package ts-nodash. All versions before 1.2.7 are vulnerable to a prototype pollution via the Merge() function due to lack of input validation. The root cause is unsafe merging that can inject proto -level properties into objects, enabling potential DoS or remote cod...

9.8CVSS8.5AI score0.0053EPSS

Exploits1References2Affected Software1

ATTACKERKB•added 2021/07/02 4:5 p.m.•2 views

CVE-2021-23403

All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge function due to lack of validation input...

9.8CVSS5.3AI score0.0053EPSS

Exploits1References3

CNNVD•added 2021/07/02 12:0 a.m.•3 views

ts-nodash 安全漏洞

9.8CVSS5.5AI score0.0053EPSS

Exploits1References3

Snyk•added 2021/06/17 3:3 p.m.•3 views

Prototype Pollution

Overview ts-nodash is a Provides object manipulation tools. Affected versions of this package are vulnerable to Prototype Pollution via the Merge function due to lack of validation input. PoC const nodash = require"ts-nodash"; let obj = ; console.log"Before being polluted: " + obj.polluted; var...

9.8CVSS8.9AI score0.0053EPSS

Exploits1References2

Huntr•added 2020/12/21 12:0 a.m.•11 views

Prototype Pollution in badopcode/nodash

Description ts-nodash is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var merge = require"ts-nodash".Merge const payload = JSON.parse'"proto":"polluted":"Yes! Its Polluted"'; var obj = console.log"Before : " + .polluted; mergeobj, payload;...

2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by