Filtered by vendor Bodymen Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-25296 | 1 Bodymen Project | 1 Bodymen | 2024-11-21 | 7.5 HIGH | 6.3 MEDIUM |
The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. **Note:** This vulnerability derives from an incomplete fix to [CVE-2019-10792](https://security.snyk.io/vuln/SNYK-JS-BODYMEN-548897) | |||||
CVE-2019-10792 | 1 Bodymen Project | 1 Bodymen | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. |