Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-g3vf-47fv-8f3c: MrSwitch hello.js vulnerable to prototype pollution

A prototype pollution vulnerability in MrSwitch hello.js prior to version 1.18.8 allows remote attackers to execute arbitrary code via hello.utils.extend function.

ghsa
#vulnerability#js#git

MrSwitch hello.js vulnerable to prototype pollution

Moderate severity GitHub Reviewed Published Aug 11, 2023 to the GitHub Advisory Database • Updated Aug 11, 2023

Related news

CVE-2021-26505: Prototype Pollution in hello.js · Issue #634 · MrSwitch/hello.js

Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function.

ghsa: Latest News

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability