Lucene search
Veracode Vulnerability DatabaseVERACODE:30654HistoryMay 24, 2021 - 9:48 a.m.
Prototype Pollution
2021-05-2409:48:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.003 Low
EPSS
Percentile
66.0%
body-parser-xml is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype in the index.js .
| CPE | Name | Operator | Version |
|---|---|---|---|
| body-parser-xml | le | 2.0.2 | |
| body-parser-xml | le | 2.0.2 |
References
github.com/fiznool/body-parser-xml/commit/d46ca622560f7c9a033cd9321c61e92558150d63
github.com/fiznool/body-parser-xml/compare/9e569b71967d439265d7c5b0e72d97b678641ed4...d46ca622560f7c9a033cd9321c61e92558150d63
github.com/fiznool/body-parser-xml/pull/69
huntr.dev/bounties/1-other-fiznool/body-parser-xml
Related
osv
osv
body-parser-xml vulnerable to Prototype Pollution
2021-09-14 20:25:35
CVE-2021-3666
2021-09-13 18:15:25
prion
prion
Code injection
2021-09-13 18:15:00
huntr
huntr
Prototype Pollution in fiznool/body-parser-xml
2021-05-18 09:33:53
cvelist
cvelist
CVE-2021-3666 Prototype Pollution in fiznool/body-parser-xml
2021-09-13 17:56:50
cve
cve
CVE-2021-3666
2021-09-13 18:15:25
github
github
body-parser-xml vulnerable to Prototype Pollution
2021-09-14 20:25:35
cnvd
cnvd
body-parser-xml code issue vulnerability
2021-09-15 00:00:00
nvd
nvd
CVE-2021-3666
2021-09-13 18:15:25