7 matches found
Malicious Package
Overview buffer-util-extend is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in buffer-util-extend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 374d8c5c4c32544741d1ea3788cfbccc3ee175f7181f8bdfa71cf4fde44121eb On require/import, index.js decodes a base64 string literal to https://www.jsonkeeper.com/b/CWOV9, fetches that anonymous JSON paste, and passes the...
MAL-2026-2920 Malicious code in buffer-util-extend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 374d8c5c4c32544741d1ea3788cfbccc3ee175f7181f8bdfa71cf4fde44121eb On require/import, index.js decodes a base64 string literal to https://www.jsonkeeper.com/b/CWOV9, fetches that anonymous JSON paste, and passes the...
CVE-2023-26158
All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...
GHSA-MH8J-9JVH-GJF6 mockjs vulnerable to Prototype Pollution via the Util.extend function
All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...
CVE-2023-26158
All versions of the package mockjs are vulnerable to Prototype Pollution via the Util.extend function due to missing check if the attribute resolves to the object prototype. By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, o...
PT-2023-20535 · Mockjs · Mockjs
Name of the Vulnerable Software and Affected Versions: mockjs versions prior to a version with the fixed Util.extend function Description: The issue arises from a missing check in the Util.extend function, allowing Prototype Pollution. This occurs when an attribute resolves to the object prototyp...