Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Lutils ProjectLutils

1 matches found

CVE
CVEadded 2021/06/17 4:15 p.m.58 views

CVE-2021-23396

The CVE-2021-23396 entry concerns the lutils package and a Prototype Pollution flaw in the main merge function. The vulnerability stems from an unsafe recursive merge that can serialize an attacker-controlled input into Object.prototype (via proto or path-based pollution), enabling manipulation o...

9.8CVSS7.5AI score0.01003EPSS