Количество 2
Количество 2
CVE-2021-23771
This affects all versions of package notevil; all versions of package argencoders-notevil. It is vulnerable to Sandbox Escape leading to Prototype pollution. The package fails to restrict access to the main context, allowing an attacker to add or modify an object's prototype. **Note:** This vulnerability derives from an incomplete fix in [SNYK-JS-NOTEVIL-608878](https://security.snyk.io/vuln/SNYK-JS-NOTEVIL-608878).
GHSA-8g4m-cjm2-96wq
Sandbox escape in notevil and argencoders-notevil
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23771 This affects all versions of package notevil; all versions of package argencoders-notevil. It is vulnerable to Sandbox Escape leading to Prototype pollution. The package fails to restrict access to the main context, allowing an attacker to add or modify an object's prototype. **Note:** This vulnerability derives from an incomplete fix in [SNYK-JS-NOTEVIL-608878](https://security.snyk.io/vuln/SNYK-JS-NOTEVIL-608878). | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
| GHSA-8g4m-cjm2-96wq Sandbox escape in notevil and argencoders-notevil | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу