Lucene search
Veracode Vulnerability DatabaseVERACODE:37131HistorySep 19, 2022 - 8:27 a.m.
Prototype Pollution
2022-09-1908:27:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
vulnerability
prototype pollution
convertlater function
npm-convert.js
javascript application object
0.003 Low
EPSS
Percentile
65.4%
steal is vulnerable to prototype pollution. The vulnerability exists because of lack of validation in convertLater function in npm-convert.js which allows an attacker to inject malicious characteristics to add new values to a javascript application object prototype,overwriting or contaminating the base object.
Related
cve
cve
CVE-2022-37258
2022-09-16 22:15:12
osv
osv
CVE-2022-37258
2022-09-16 22:15:12
steal vulnerable to Prototype Pollution
2022-09-17 00:00:30
github
github
steal vulnerable to Prototype Pollution
2022-09-17 00:00:30
cvelist
cvelist
CVE-2022-37258
2022-09-16 20:57:18
nvd
nvd
CVE-2022-37258
2022-09-16 22:15:12
veracode
veracode
Prototype Pollution
2022-09-19 08:50:37
prion
prion
Code injection
2022-09-16 22:15:00