Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of service (DoS).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Node.js mixme 安全漏洞
Vulnerability Description
Npm mixme是美国Npm公司的一个应用软件。用于递归合并多个对象。最后一个对象优先于先前的对象。 Node.js mixme 0.5.0 存在安全漏洞,攻击者可利用该漏洞可以通过mutate()和merge()函数通过“proto”添加或改变对象的属性。导致潜在的拒绝服务(DoS)。
CVSS Information
N/A
Vulnerability Type
N/A