Lucene search
Veracode Vulnerability DatabaseVERACODE:35772HistoryMay 30, 2022 - 11:03 a.m.
Prototype Pollution
2022-05-3011:03:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.001 Low
EPSS
Percentile
50.6%
protobufjs is vulnerable to prototype pollution. An attacker is able to add/modify properties of the Object.prototype by parsing/loading .proto files or via providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption functions, resulting in prototype pollution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| protobufjs | le | 6.11.2 | |
| protobufjs | le | 6.11.2 | |
| protobufjs | le | 6.10.2 | |
| protobufjs | le | 6.11.2 | |
| protobufjs | le | 6.11.2 | |
| protobufjs | le | 6.10.2 |
Related
cve
cve
CVE-2022-25878
2022-05-27 20:15:10
CVE-2023-36665
2023-07-05 14:15:09
redhatcve
redhatcve
CVE-2022-25878
2022-06-06 23:57:35
osv
osv
Prototype Pollution in protobufjs
2022-05-28 00:00:20
CVE-2022-25878
2022-05-27 20:15:10
CVE-2023-36665
2023-07-05 14:15:09
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands may be vulnerable to arbitrary code execution due to CVE-2022-25878
2022-11-04 17:44:07
prion
prion
Design/Logic Flaw
2022-05-27 20:15:00
Design/Logic Flaw
2023-07-05 14:15:00
cvelist
cvelist
CVE-2022-25878 Prototype Pollution
2022-05-27 00:00:00
CVE-2023-36665
2023-07-05 00:00:00
nvd
nvd
CVE-2022-25878
2022-05-27 20:15:10
CVE-2023-36665
2023-07-05 14:15:09
github
github
Prototype Pollution in protobufjs
2022-05-28 00:00:20
protobufjs Prototype Pollution vulnerability
2023-07-05 15:30:24
nessus
nessus
RHEL 9 : grafana (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : grafana (Unpatched Vulnerability)
2024-06-03 00:00:00