Skip to content

Commit 1320ce3

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-4r97-78gf-q24v GHSA-fm93-fhh2-cg2c
1 parent 7265ff9 commit 1320ce3

File tree

2 files changed

+9
-9
lines changed

2 files changed

+9
-9
lines changed

advisories/github-reviewed/2020/09/GHSA-4r97-78gf-q24v/GHSA-4r97-78gf-q24v.json

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,12 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-4r97-78gf-q24v",
4-
"modified": "2020-08-31T19:00:12Z",
4+
"modified": "2025-07-18T19:42:53Z",
55
"published": "2020-09-04T17:53:27Z",
6+
"withdrawn": "2025-07-18T19:42:53Z",
67
"aliases": [],
7-
"summary": "Prototype Pollution in klona",
8-
"details": "Versions of `klona` prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modification of an Object's prototype when cloning objects, which may allow an attacker to add or modify an existing property that will exist on all objects.\n\n\n\n\n## Recommendation\n\nUpgrade to version 1.1.1 or later.",
8+
"summary": "Duplicate Advisory: Prototype Pollution in klona",
9+
"details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-8f89-2fwj-5v5r. This link is maintained to preserve external references.\n\n## Original Description\nVersions of `klona` prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modification of an Object's prototype when cloning objects, which may allow an attacker to add or modify an existing property that will exist on all objects.\n\n\n\n\n## Recommendation\n\nUpgrade to version 1.1.1 or later.",
910
"severity": [],
1011
"affected": [
1112
{

advisories/github-reviewed/2022/01/GHSA-fm93-fhh2-cg2c/GHSA-fm93-fhh2-cg2c.json

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,12 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-fm93-fhh2-cg2c",
4-
"modified": "2022-01-27T14:11:41Z",
4+
"modified": "2025-07-18T19:44:32Z",
55
"published": "2022-01-27T14:21:53Z",
6-
"aliases": [
7-
"CVE-2021-23460"
8-
],
9-
"summary": "Prototype Pollution in min-dash",
10-
"details": "The package min-dash before 3.8.1 are vulnerable to Prototype Pollution via the set method due to missing enforcement of key types.",
6+
"withdrawn": "2025-07-18T19:44:32Z",
7+
"aliases": [],
8+
"summary": "Duplicate Advisory: Prototype Pollution in min-dash",
9+
"details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-2m53-83f3-562j. This link is maintained to preserve external references.\n\n## Original Description\nThe package min-dash before 3.8.1 are vulnerable to Prototype Pollution via the set method due to missing enforcement of key types.",
1110
"severity": [
1211
{
1312
"type": "CVSS_V3",

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy