Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property.
Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform prot
The csvtojson package, a tool for converting CSV data to JSON with customizable parsing capabilities, contains a prototype pollution vulnerability in versions prior to 2.0.10. This issue arises due to
A prototype pollution in the function lib.parse of dot-properties v1.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
Prototype pollution vulnerability in apidoc-core versions 0.2.0 and all subsequent versions allows remote attackers to modify JavaScript object prototypes via malformed data structures, including the
oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.6, a prototype pollution vulnerability exists in the RPC JSON deserializer of
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConflict function, which fails to properly sanitize user-supplied input during prope
A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of se
A prototype pollution vulnerability exists in @nyariv/sandboxjs versions <= 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result
A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
A prototype pollution in the lib.deep function of @ndhoule/defaults v2.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
The messageformat package, an implementation of the Unicode MessageFormat 2 specification for JavaScript, is vulnerable to prototype pollution due to improper handling of message key paths in versions
A prototype pollution in the lib.merge function of cli-util v1.1.27 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
An issue in OneTrust SDK v.6.33.0 allows a local attacker to cause a denial of service via the Object.setPrototypeOf, __proto__, and Object.assign components. NOTE: this is disputed by the Supplier wh
A prototype pollution in the lib function of expand-object v0.4.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
A vulnerability exists in the 'counterpart' library for Node.js and the browser due to insufficient sanitization of user-controlled input in translation key processing. The affected versions prior to
A prototype pollution in the lib.post function of ajax-request v1.2.3 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument __proto__ causes improperly contr
A prototype pollution in the lib.parse function of dot-qs v0.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
Page 1+ Next →