• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-1321

CVE-2020-28461

February 26, 2023 by

This affects the package js-ini before 1.3.0. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context.

CVE-2020-28462

February 26, 2023 by

This affects all versions of package ion-parser. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context.

CVE-2020-28471

February 26, 2023 by

This affects the package properties-reader before 2.2.0.

CVE-2020-28268

February 26, 2023 by

Prototype pollution vulnerability in ‘controlled-merge’ versions 1.0.0 through 1.2.0 allows attacker to cause a denial of service and may lead to remote code execution.

CVE-2020-28269

February 26, 2023 by

Prototype pollution vulnerability in ‘field’ versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.

CVE-2020-28270

February 26, 2023 by

Prototype pollution vulnerability in ‘object-hierarchy-access’ versions 0.2.0 through 0.32.0 allows attacker to cause a denial of service and may lead to remote code execution.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 10
  • Go to page 11
  • Go to page 12
  • Go to page 13
  • Go to page 14
  • Interim pages omitted …
  • Go to page 37
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE