Lucene search
Veracode Vulnerability DatabaseVERACODE:38560HistoryDec 22, 2022 - 5:23 a.m.
Prototype Pollution
2022-12-2205:23:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
dustjs-linkedin
vulnerability
prototype pollution
javascript
application object
EPSS
0.008
Percentile
81.5%
dustjs-linkedin is vulnerable to prototype pollution. The vulnerability exists because prototype attributes are not properly validated which allows an attacker to inject malicious characteristics to add new properties to a JavaScript application object prototype, overwriting or contaminating the base object.
References
github.com/advisories/GHSA-c6rp-wrp9-qr4q
github.com/linkedin/dustjs/commit/ddb6523832465d38c9d80189e9de60519ac307c3
github.com/linkedin/dustjs/issues/804
github.com/linkedin/dustjs/pull/805
github.com/linkedin/dustjs/releases/tag/v3.0.0
github.com/linkedin/dustjs/releases/tag/v3.0.1
vuldb.com/?ctiid.216464
vuldb.com/?id.216464
Related
osv
osv
CVE-2021-4264
2022-12-21 19:15:12
dustjs-linkedin vulnerable to Prototype Pollution
2022-12-21 21:30:15
github
github
dustjs-linkedin vulnerable to Prototype Pollution
2022-12-21 21:30:15
cvelist
cvelist
CVE-2021-4264 LinkedIn dustjs prototype pollution
2022-12-21 00:00:00
prion
prion
Design/Logic Flaw
2022-12-21 19:15:00
cve
cve
CVE-2021-4264
2022-12-21 19:15:12
nvd
nvd
CVE-2021-4264
2022-12-21 19:15:12
