Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
nortikin Sverchok Set Property Mk2 Node getsetprop_mk2.py SvSetPropNodeMK2 prototype pollution
Vulnerability Description
A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0. Affected is the function SvSetPropNodeMK2 of the file sverchok/nodes/object_nodes/getsetprop_mk2.py of the component Set Property Mk2 Node. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
CWE-1321
Vulnerability Title
Sverchok 安全漏洞
Vulnerability Description
Sverchok是nikitron个人开发者的一个应用程序。 Sverchok 1.3.0版本存在安全漏洞,该漏洞源于文件sverchok/nodes/object_nodes/getsetprop_mk2.py中函数SvSetPropNodeMK2存在原型污染。
CVSS Information
N/A
Vulnerability Type
N/A