-
* **Version**: 2.8.0
* **Platform**: Node v12.3.0
* **Description**: Proof of concept: https://github.com/mostafa/js-pp-poc
-
### Description
Minimist prior to 1.2.6 and 0.2.4 is vulnerable to Prototype Pollution via file `index.js`, function `setKey()` (lines 69-95).
### Severity Check
- [ ] Low
- [ ] Moderate
- [ ] High…
-
"Versions of handlebars prior to are vulnerable to Prototype Pollution leading to Remote Code Execution"
**Remediation**
Upgrade to version 4.3.0 or later.
axago updated
4 years ago
-
e.g. https://github.com/fastify/secure-json-parse (h/t @633kh4ck), but maybe something more performant per platform, e.g. removing `__proto__` on the native side in react native
-
## https://snyk.io/blog/snyk-research-team-discovers-severe-prototype-pollution-security-vulnerabilities-affecting-all-versions-of-lodash/
It seems the last version of grunt-ts requires the follo…
-
Hello @gunn
I am using `pure-store` in my project and when I run:
```
$ yarn audit
```
I get this output:
```
┌───────────────┬─────────────────────────────────────────────────────────────…
```
-
👋 Hello, @0xfede - a potential high severity Prototype Pollution vulnerability in your repository has been disclosed to us.
#### Next Steps
1️⃣ Visit **https://huntr.dev/bounties/1-other-vivoch…
-
npm audit fails with
│ High │ Prototype Pollution Protection Bypass │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package …
-
Minimist
-
Is it useful to add a section on prototype pollution (not to be confused with HTTP parameter pollution)? This vulnerability is a couple of years old but I can't find any reference in any OWASP project …