Lucene search
Veracode Vulnerability DatabaseVERACODE:28798HistoryDec 23, 2020 - 2:13 a.m.
Prototype Pollution
2020-12-2302:13:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.006 Low
EPSS
Percentile
78.7%
multi-ini is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype by specifying the constructor.proto object as part of an array. This vulnerability exists due to bypass of the fix for CVE-2020-28448.
Related
cvelist
cvelist
CVE-2020-28460 Prototype Pollution
2020-12-22 00:00:00
CVE-2020-28448 Prototype Pollution
2020-12-22 00:00:00
cve
cve
CVE-2020-28460
2020-12-22 13:15:12
CVE-2020-28448
2020-12-22 13:15:12
prion
prion
Type confusion
2020-12-22 13:15:00
Code injection
2020-12-22 13:15:00
osv
osv
Prototype pollution in multi-ini
2021-04-13 15:23:41
CVE-2020-28460
2020-12-22 13:15:12
Prototype Pollution in multi-ini
2021-04-13 15:23:59
nvd
nvd
CVE-2020-28460
2020-12-22 13:15:12
CVE-2020-28448
2020-12-22 13:15:12
github
github
Prototype pollution in multi-ini
2021-04-13 15:23:41
Prototype Pollution in multi-ini
2021-04-13 15:23:59
huntr
huntr
Prototype Pollution in evangelion1204/multi-ini
2020-12-14 00:00:00
veracode
veracode
Prototype Pollution
2020-12-23 05:29:42