-
### Version
4.2.3
### Reproduction link
[n/a](n/a)
### Environment info
```
This issue is present in all normal usage environments.
```
### Steps to reproduce
This issue can b…
-
## Overview
Affected versions of this package are vulnerable to Prototype Pollution. An attacker can manipulate the prototype of an object, potentially leading to the alteration of behavior of all …
-
## Overview
Affected versions of this package are vulnerable to Prototype Pollution. An attacker can manipulate the prototype of an object, potentially leading to the alteration of behavior of all …
-
👋 Hello, @jaredhanson - a potential high severity Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321) vulnerability in your repository has been disclos…
-
There are 11 packages that seem to me that are mislabeled.
You can collect them by doing `grep -r "expect({}.polluted).toBe(undefined);"` on the `code-injection` folder.
Instead of arbitrary cod…
-
For my library it is imperative that it is able to modify the `__proto__` property of the window object, so that it can shim the `addEventListener` function to do selective event discarding: https://g…
-
Prototype Pollution vulnerability affecting latest version
Vulnerable function: restoreState in helpers.js, find below the code snippet
Details
Prototype Pollution is a vulnerability affecti…
-
**Issue Description:**
I'm encountering a vulnerability issue with my Node.js project that involves the `lodash.set` package. Despite attempting the suggested fix via `npm audit fix --force` and ma…
-
## Vulnerabilities found for centraldashboard:1.9.0
```
For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your pr…
-
Hi ,
There were may utilities similar to yours which offered deep copying,cloning and merging functionalities.
I suggest there should always be a check when key is proto,prototype and constructor.(T…