Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by CWE-1321
Total 208 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23574 1 Js-data 1 Js-data 2022-01-12 7.5 HIGH 9.8 CRITICAL
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](https://snyk.io/vuln/SNYK-JS-JSDATA-1023655).
CVE-2020-28270 1 Mjpclab 1 Object-hierarchy-access 2022-01-06 7.5 HIGH 9.8 CRITICAL
Prototype pollution vulnerability in 'object-hierarchy-access' versions 0.2.0 through 0.32.0 allows attacker to cause a denial of service and may lead to remote code execution.
CVE-2021-23663 1 Sey Project 1 Sey 2021-12-14 7.5 HIGH 9.8 CRITICAL
All versions of package sey are vulnerable to Prototype Pollution via the deepmerge() function.
CVE-2021-23700 1 Merge-deep2 Project 1 Merge-deep2 2021-12-14 7.5 HIGH 9.8 CRITICAL
All versions of package merge-deep2 are vulnerable to Prototype Pollution via the mergeDeep() function.
CVE-2021-23561 1 C2fo 1 Comb 2021-12-14 7.5 HIGH 9.8 CRITICAL
All versions of package comb are vulnerable to Prototype Pollution via the deepMerge() function.
CVE-2021-28860 1 Adaltas 1 Mixme 2021-12-10 6.4 MEDIUM 9.1 CRITICAL
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of service (DoS).
CVE-2021-3815 1 Utils.js Project 1 Utils.js 2021-12-10 7.5 HIGH 9.8 CRITICAL
utils.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2021-23383 2 Handlebarsjs, Netapp 2 Handlebars, E-series Performance Analyzer 2021-12-03 7.5 HIGH 9.8 CRITICAL
The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.