Description
utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-1025 | utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype. |
Github GHSA |
GHSA-9534-h433-2rjf | Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify |
References
History
No history.
Status: PUBLISHED
Assigner: snyk
Published:
Updated: 2024-08-04T22:32:02.096Z
Reserved: 2019-04-03T00:00:00.000Z
Link: CVE-2019-10808
No data.
Status : Modified
Published: 2020-03-11T23:15:11.467
Modified: 2026-06-17T02:11:42.793
Link: CVE-2019-10808
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
EUVD
Github GHSA