Vulnerabilities (CVE)

Filtered by vendor Bodymen Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25296 1 Bodymen Project 1 Bodymen 2024-11-21 7.5 HIGH 6.3 MEDIUM
The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. **Note:** This vulnerability derives from an incomplete fix to [CVE-2019-10792](https://security.snyk.io/vuln/SNYK-JS-BODYMEN-548897)
CVE-2019-10792 1 Bodymen Project 1 Bodymen 2024-11-21 6.5 MEDIUM 6.3 MEDIUM
bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.