Filtered by vendor Argencoders-notevil Project
Subscribe
Filtered by product Argencoders-notevil
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-23771 | 2 Argencoders-notevil Project, Notevil Project | 2 Argencoders-notevil, Notevil | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
This affects all versions of package notevil; all versions of package argencoders-notevil. It is vulnerable to Sandbox Escape leading to Prototype pollution. The package fails to restrict access to the main context, allowing an attacker to add or modify an object's prototype. **Note:** This vulnerability derives from an incomplete fix in [SNYK-JS-NOTEVIL-608878](https://security.snyk.io/vuln/SNYK-JS-NOTEVIL-608878). |