• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-1321

CVE-2020-36604

February 26, 2023 by

hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function.

CVE-2020-36618

February 26, 2023 by

A vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). It is possible to launch the attack remotely. The name of the patch is 46ccc2aee8d063c7b6b4dee2c2834113b7286076. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216252.

CVE-2020-28441

February 26, 2023 by

This affects the package conf-cfg-ini before 1.2.2. If an attacker submits a malicious INI file to an application that parses it with decode, they will pollute the prototype on the application. This can be exploited further depending on the context.

CVE-2020-28448

February 26, 2023 by

This affects the package multi-ini before 2.1.1. It is possible to pollute an object’s prototype by specifying the proto object as part of an array.

CVE-2020-28458

February 26, 2023 by

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.

CVE-2020-28460

February 26, 2023 by

This affects the package multi-ini before 2.1.2. It is possible to pollute an object’s prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 9
  • Go to page 10
  • Go to page 11
  • Go to page 12
  • Go to page 13
  • Interim pages omitted …
  • Go to page 37
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE