| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function. |
| All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function. |
| All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function. |
| The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions. |
| Versions of package locutus before 2.0.12 are vulnerable to prototype Pollution via the php.strings.parse_str function. |
| All versions of package gammautils are vulnerable to Prototype Pollution via the deepSet and deepMerge functions. |
| All versions of package dot-notes are vulnerable to Prototype Pollution via the create function. |
| All versions of package deeps are vulnerable to Prototype Pollution via the set function. |
| All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function. |
| All versions of package confucious are vulnerable to Prototype Pollution via the set function. |
| All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor. |
| The package irrelon-path before 4.7.0; the package @irrelon/path before 4.7.0 are vulnerable to Prototype Pollution via the set, unSet, pushVal and pullVal functions. |
| The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function. |
| The package connie-lang before 0.1.1 are vulnerable to Prototype Pollution in the configuration language library used by connie. |
| The package linux-cmdline before 1.0.1 are vulnerable to Prototype Pollution via the constructor. |
| All versions of package nis-utils are vulnerable to Prototype Pollution via the setValue function. |
| All versions of package templ8 are vulnerable to Prototype Pollution via the parse function. |
| madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue. |
| All versions of phpjs are vulnerable to Prototype Pollution via parse_str. |
| This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution. |
