The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec...
7.8CVSS
7.3AI Score
0.002EPSS
express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the Object.prototype. Exploitation of this vulnerability requires creation of a new directory where an attack code can be placed which....
5.3CVSS
5.3AI Score
0.001EPSS
easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sandbox and execute arbitrary system commands through special js...
8.8CVSS
9.1AI Score
0.005EPSS