2 matches found
CVE-2021-4278
The CVE-2021-4278 entry concerns cronvel tree-kit versions up to 0.6.x and describes a prototype pollution issue resulting from improper checks that allow manipulation of object prototype attributes. The root cause lies in an unspecified part of the codebase, with the recommended remediation being an up...
CVE-2023-38894
The CVE-2023-38894 entry concerns a Prototype Pollution vulnerability in Cronvel Tree-kit v0.7.4 and earlier. Affected component: the extend function used on nested objects. Root cause: prototype contamination allows an attacker to manipulate object prototypes, enabling remote arbitrary code exec...