Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 3 of 3 results

CVE-2021-3805

Medium priority

Some fixes available 2 of 8

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

1 affected packages

node-object-path

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
node-object-path Needs evaluation Not affected Fixed Fixed Ignored
Show less packages

CVE-2021-23434

Medium priority

Some fixes available 2 of 8

This affects the package object-path before 0.11.6. A type confusion vulnerability can lead to a bypass of CVE-2020-15256 when the path components used in the path parameter are arrays. In particular, the condition currentPath ===...

1 affected packages

node-object-path

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
node-object-path Needs evaluation Not affected Fixed Fixed Ignored
Show less packages

CVE-2020-15256

Low priority

Some fixes available 2 of 3

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode (if version >= 0.11.0 is used), which has to be...

1 affected packages

node-object-path

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
node-object-path Not affected Fixed Fixed Not in release
Show less packages