23 matches found
EUVD-2024-53520
Malicious code in bioql PyPI...
Prototype Pollution
utils-extend is vulnerable to Prototype Pollution. The vulnerability is due to the lib.extend function, which allows an attacker to modify the global prototype chain and potentially cause a denial of service DoS...
CVE-2024-57077
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service DoS a the minimum...
utils-extend Prototype Pollution
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service DoS a the minimum...
GHSA-7QGG-VW88-CC99 utils-extend Prototype Pollution
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service DoS a the minimum...
1filecompiler (=0.0.2), @adrian.u/adritoolbox (>=1.0.0 <=1.1.0) +802 more potentially affected by CVE-2024-57077 via utils-extend (=1.0.8)
utils-extend NPM version =1.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on utils-extend and may be impacted: - 1filecompiler =0.0.2 - @adrian.u/adritoolbox =1.0.0, =0.1.1, =0.1.0, =0.1.0, =1.0.2, =0.1.0, =0.0.1, =0.37.8, =1.0.1, =0.1.0, =1.0.2,...
CVE-2024-57077
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service DoS a the minimum...
CVE-2024-57077
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service DoS a the minimum...
CVE-2024-57077
CVE-2024-57077 affects utils-extend (version 1.0.8) with a Prototype Pollution flaw in the lib.extend entry point. The vulnerability allows an attacker to inject properties into Object.prototype, which can cause a denial of service (DoS). Public details include a PoC demonstrating pollution; sour...
CVE-2024-57077
The latest version of utils-extend 1.0.8 is vulnerable to Prototype Pollution through the entry functions lib.extend. An attacker can supply a payload with Object.prototype setter to introduce or modify properties within the global prototype chain, causing denial of service DoS a the minimum...
utils-extend 安全漏洞
utils-extend is an extension by nothing individual developer. A security vulnerability exists in utils-extend, which stems from the lib.extend function containing a prototype contamination vulnerability...
1filecompiler (=0.0.2), @adrian.u/adritoolbox (>=1.0.0 <=1.1.0) +802 more potentially affected by CVE-2020-8147 via utils-extend (=1.0.8)
utils-extend NPM version =1.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on utils-extend and may be impacted: - 1filecompiler =0.0.2 - @adrian.u/adritoolbox =1.0.0, =0.1.1, =0.1.0, =0.1.0, =1.0.2, =0.1.0, =0.0.1, =0.37.8, =1.0.1, =0.1.0, =1.0.2,...
GHSA-6PQ3-928Q-X6W6 Prototype Pollution
All versions of utils-extend are vulnerable to prototype pollution. The extend function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation No fix is currently available...
npm package utils-extend input validation error vulnerability
npm package utils-extend is a lightweight package for extending Node.js utilities. An input validation error vulnerability exists in npm package utils-extend 1.0.8 and earlier versions. A remote attacker can exploit this vulnerability to execute code or cause a denial of service...
Prototype Pollution
Overview All versions of utils-extend are vulnerable to prototype pollution. The extend function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation No fix is currently...
CVE-2020-8147
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend...
CVE-2020-8147
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend...
Input validation
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend...
CVE-2020-8147
CVE-2020-8147 affects the npm package utils-extend (version 1.0.8 and earlier). The underlying issue is a prototype pollution flaw in the extend function, allowing an attacker to modify a base Object’s prototype, with potential consequences including remote code execution or denial of service as ...
Prototype Pollution
utils-extend is vulnerable to prototype pollution. An attacker is able to modify the prototype of a base object and potentially execute arbitrary code...