@aaa-backend-stack/build-tools (>=1.16.0 <=2.4.4), @aaa-backend-stack/devtools (>=1.16.0 <=2.4.4) +141 more potentially affected by CVE-2019-10795 via undefsafe (>=0.0.2 <=2.0.1)

undefsafe NPM version =0.0.2, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.16.1, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =1.16.0, =2.4.4 and more Source cves: CVE-2019-10795 Source advisory: OSV:GHSA-332Q-7FF2-57H2...

GHSA-332Q-7FF2-57H2 Prototype Pollution in undefsafe

undefsafe before 2.0.3 is vulnerable to Prototype Pollution. The 'a' function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

CVE-2019-10795

undefsafe before 2.0.3 is vulnerable to Prototype Pollution. The 'a' function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

AZL-44064 CVE-2019-10795 affecting package nodejs-nodemon 2.0.3-5

undefsafe before 2.0.3 is vulnerable to Prototype Pollution. The 'a' function could be tricked into adding or modifying properties of Object.prototype using a proto payload...

@zambezi/jsbin (=3.40.4-ez-bin.5), pin-api (>=1.1.0 <=1.3.1) potentially affected by CVE-2019-10795 via undefsafe (>=2.0.0 <=2.0.1)

undefsafe NPM version =2.0.0, =1.1.0, =1.3.1 Source cves: CVE-2019-10795 Source advisory: SNYK:JS-UNDEFSAFE-548940...