Falhas do tipo CWE-1321
304 resultadosCVE-2021-4307MEDIUMYomguithereal Baobab prototype pollutionEPSS 1.3%CVE-2021-3666HIGHPrototype Pollution in fiznool/body-parser-xmlEPSS 1.3%CVE-2023-26133HIGHAll versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend() in the file utils.js.
EPSS 1.3%CVE-2022-1295HIGHPrototype Pollution in alvarotrigo/fullpage.jsEPSS 1.2%CVE-2023-26113HIGHVersions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/EPSS 1.2%CVE-2025-25015CRITICALKibana arbitrary code execution via prototype pollutionEPSS 1.2%CVE-2022-37614CRITICALPrototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via EPSS 1.2%CVE-2021-39205MEDIUMDOM-based XSS/Content Spoofing via Prototype PollutionEPSS 1.2%CVE-2023-28427HIGHPrototype pollution in matrix-js-sdkEPSS 1.2%CVE-2024-48910CRITICALDOMPurify vulnerable to tampering by prototype polutionEPSS 1.2%CVE-2023-45827HIGHPrototype Pollution vulnerability in @clickbar/dot-diverEPSS 1.2%CVE-2024-38996CRITICALag-grid-community v31.3.2 and ag-grid-enterprise v31.3.2 were discovered to contain a prototype pollution via the _.mergeDeep function. ThisEPSS 1.2%CVE-2024-30564CRITICALAn issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted EPSS 1.2%CVE-2022-37623CRITICALPrototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable EPSS 1.1%CVE-2023-26121HIGHAll versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its pEPSS 1.1%CVE-2020-36632MEDIUMhughsk flat index.js unflatten prototype pollutionEPSS 1.1%CVE-2024-38989CRITICALizatop bunt v0.29.19 was discovered to contain a prototype pollution via the component /esm/qs.js. This vulnerability allows attackers to exEPSS 1.1%CVE-2022-37265CRITICALPrototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js.EPSS 1.1%CVE-2021-4279MEDIUMStarcounter-Jack JSON-Patch prototype pollutionEPSS 1.1%CVE-2021-4264MEDIUMLinkedIn dustjs prototype pollutionEPSS 1.1%