Lucene search
Veracode Vulnerability DatabaseVERACODE:29438HistoryFeb 19, 2021 - 2:55 a.m.
Prototype Pollution
2021-02-1902:55:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
prototype pollution
merge function
injection
modification
object prototypes
EPSS
0.004
Percentile
72.2%
merge is vulnerable to prototype pollution. The function _recursiveMerge allows for an injection of arbitrary properties into existing construct prototypes and modification of attributes such as __proto__, constructor and prototype.
Related
osv
osv
Prototype Pollution in merge
2021-05-04 20:18:47
CVE-2020-28499
2021-02-18 16:15:13
nvd
nvd
CVE-2020-28499
2021-02-18 16:15:13
huntr
huntr
Prototype Pollution in yeikos/js.merge
2020-09-23 00:00:00
cvelist
cvelist
CVE-2020-28499 Prototype Pollution
2021-02-18 00:00:00
prion
prion
Design/Logic Flaw
2021-02-18 16:15:00
cve
cve
CVE-2020-28499
2021-02-18 16:15:13
github
github
Prototype Pollution in merge
2021-05-04 20:18:47
nodejs
nodejs
Prototype Pollution
2021-05-04 20:21:00
