Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:32083
HistorySep 14, 2021 - 3:53 a.m.

Prototype Pollution

2021-09-1403:53:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
vulnerability
prototype pollution
software
injection
set()
zipobject()

EPSS

0.004

Percentile

72.4%

JSON

@viking04/merge is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype via the set() and zipObject() function.

Related

cvelist 1
huntr 1
nvd 1
cve 1
osv 2
prion 1
github 1
cvelist
cvelist
CVE-2021-3645 Prototype Pollution in viking04/merge
2021-09-10 11:04:25
huntr
huntr
Prototype Pollution in viking04/merge
2021-09-08 11:01:26
nvd
nvd
CVE-2021-3645
2021-09-10 11:15:09
cve
cve
CVE-2021-3645
2021-09-10 11:15:09
osv
osv
merge vulnerable to Prototype Pollution
2021-09-13 20:16:54
CVE-2021-3645
2021-09-10 11:15:09
prion
prion
Code injection
2021-09-10 11:15:00
github
github
merge vulnerable to Prototype Pollution
2021-09-13 20:16:54

EPSS

0.004

Percentile

72.4%

JSON
Related for VERACODE:32083
cvelist1huntr1nvd1cve1osv2prion1github1