GHSA-4MVJ-RQ4V-2FXW Prototype Pollution in x-assign

This vulnerability affects all versions of package x-assign. The global proto object can be polluted using the proto object...

Prototype Pollution in x-assign

This vulnerability affects all versions of package x-assign. The global proto object can be polluted using the proto object...

Prototype Pollution

x-assign is vulnerable to prototype pollution. An attacker is able to inject malicious properties into existing construct prototypes and modify attributes using the proto object...

CVE-2021-23452

This affects all versions of package x-assign. The global proto object can be polluted using the proto object...

Code injection

This affects all versions of package x-assign. The global proto object can be polluted using the proto object...

CVE-2021-23452

CVE-2021-23452 affects all versions of the package x-assign . The flaw is a prototype pollution vulnerability: an attacker can pollute the global proto object via the proto property, enabling manipulation of object prototypes and potentially leading to DoS or remote code execution as discussed in...

CVE-2021-23452 Prototype Pollution

This affects all versions of package x-assign. The global proto object can be polluted using the proto object...

x-assign 安全漏洞

X-assign is an Object.assign package. It is used to merge nested objects and concatenate arrays. A security vulnerability exists in x-assign, which stems from the fact that the software's global prototype object can be contaminated by the proto prototype object...

Prototype Pollution

Overview x-assign is an Object.assign that will merge nested objects and concatenate arrays. Affected versions of this package are vulnerable to Prototype Pollution. The global proto object can be polluted using the proto object. PoC const XAssign = require"[email protected]";...