Skip to main content

Madlib Object Utils

2 CVEs product

Monthly

CVE-2022-24279 npm HIGH POC PATCH This Week

The package madlib-object-utils before 0.1.8 are vulnerable to Prototype Pollution via the setValue method, as it allows an attacker to merge object prototypes into it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Madlib Object Utils
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-7701 npm CRITICAL POC PATCH Act Now

madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Madlib Object Utils
NVD
CVSS 3.1
9.8
EPSS
2.1%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

The package madlib-object-utils before 0.1.8 are vulnerable to Prototype Pollution via the setValue method, as it allows an attacker to merge object prototypes into it. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Madlib Object Utils
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Madlib Object Utils
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy