Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Mozilla Convict.
This allows an attacker to inject attributes that are used in other compone
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Starting in version 2.0.39 and prior to version 3.0.25, a prototype pollution vulnerability exists in the
Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could res
A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly con
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in farinspace Partners partners allows Object Injection.This issue affects Partners: from n/a th
tRPC allows users to build and consume fully typesafe APIs without schemas or code generation. Starting in version 10.27.0 and prior to versions 10.45.3 and 11.8.0, a A prototype pollution vulnerabili
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConflict function, which fails to properly sanitize user-supplied input during prope
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the
A prototype pollution vulnerability exists in @nyariv/sandboxjs versions <= 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result
Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. In versions from 2.0.12 to before 2.0.39, a prototype pollution vulnerability exists in locutus. Despite a
Versions of the package dset before 3.1.4 are vulnerable to Prototype Pollution via the dset function due improper user input sanitization. This vulnerability allows the attacker to inject malicious o
The Runtime components of messageformat package for Node.js before 3.0.2 contain a prototype pollution vulnerability. Due to insufficient validation of nested message keys during the processing of mes
A vulnerability was found in docarray up to 0.40.1. It has been rated as critical. Affected by this issue is the function __getitem__ of the file /docarray/data/torch_dataset.py of the component Web A
A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contribute
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, fr
The csvtojson package, a tool for converting CSV data to JSON with customizable parsing capabilities, contains a prototype pollution vulnerability in versions prior to 2.0.10. This issue arises due to
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.4.9, fro
A vulnerability exists in the 'counterpart' library for Node.js and the browser due to insufficient sanitization of user-controlled input in translation key processing. The affected versions prior to
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Linkify (linkifyjs) allows XSS Targeting HTML Attributes and Manipulating User-Controlled Var
Page 1+ Next →