Lucene search
Veracode Vulnerability DatabaseVERACODE:22182HistoryDec 17, 2019 - 2:47 a.m.
Prototype Pollution
2019-12-1702:47:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
38.8%
kind-of is vulnerable to prototype pollution. The built-in constructor does not validate or detect type information of user input. If conditions allow, an attacker is able to submit a malicious payload to overwrite the built-in attribute to manipulate the type detection results, and potentially execute arbitrary code.
Related
ubuntucve
ubuntucve
CVE-2019-20149
2019-12-30 00:00:00
githubexploit
githubexploit
Exploit for Exposure of Resource to Wrong Sphere in Kind-Of Project Kind-Of
2020-12-01 09:18:58
redhatcve
redhatcve
CVE-2019-20149
2021-05-13 05:51:53
cvelist
cvelist
CVE-2019-20149
2019-12-30 18:25:10
osv
osv
Validation Bypass in kind-of
2020-03-31 15:59:54
CVE-2019-20149
2019-12-30 19:15:11
nvd
nvd
CVE-2019-20149
2019-12-30 19:15:11
github
github
Validation Bypass in kind-of
2020-03-31 15:59:54
debiancve
debiancve
CVE-2019-20149
2019-12-30 19:15:11
prion
prion
Design/Logic Flaw
2019-12-30 19:15:00
cve
cve
CVE-2019-20149
2019-12-30 19:15:11
nessus
nessus
RHEL 8 : nodejs-kind-of (Unpatched Vulnerability)
2024-05-11 00:00:00
Splunk Enterprise < 8.1.14, 8.2.0 < 8.2.11, 9.0.0 < 9.0.5 (SVD-2023-0613)
2024-05-02 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
2023-08-01 14:54:42
Security Bulletin: Multiple vulnerabilites affect IBM Engineering products.
2021-03-29 21:46:36
Security Bulletin: OSS security Scan issues for Concerto installer.
2020-12-08 06:37:17
redhat
redhat