Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2022-46175 HIGH

JSON5 <2.2.1 - Prototype Pollution

CVE-2022-2200 HIGH

Mozilla Firefox < 102.0 - Prototype Pollution

CVE-2022-1802 HIGH

Mozilla Firefox < 100.0.2 - Prototype Pollution

CVE-2022-1529 HIGH

Mozilla Firefox < 100.0.2 - Prototype Pollution

CVE-2022-25904 HIGH

Safe-eval < 0.4.1 - Prototype Pollution

CVE-2022-24999 HIGH

QS < 6.2.4 - Prototype Pollution

CVE-2022-41878 HIGH

Parse Server <5.3.2, <4.10.19 - Auth Bypass

CVE-2022-41879 HIGH

Parse Server <5.3.3,4.10.20 - Prototype Pollution

CVE-2022-39396 CRITICAL

Parseplatform Parse-server < 4.10.18 - Prototype Pollution

CVE-2022-42743 MEDIUM

Deep-parse-json - Prototype Pollution

CVE-2022-41714 MEDIUM

fastest-json-copy <1.0.1 - Code Injection

CVE-2022-41713 MEDIUM

deep-object-diff <1.1.0 - Code Injection

CVE-2022-37623 CRITICAL

Browserify-shim < 3.8.16 - Prototype Pollution

CVE-2022-37621 CRITICAL

Browserify-shim < 3.8.16 - Prototype Pollution

CVE-2022-39357 HIGH

Winter < 1.1.10 - Prototype Pollution

CVE-2022-29823 CRITICAL

Feathersjs Feathers-sequelize < 6.3.4 - Prototype Pollution

CVE-2022-37598 CRITICAL

Uglifyjs - Prototype Pollution

CVE-2022-37602 CRITICAL

Grunt-karma - Prototype Pollution

CVE-2022-37601 CRITICAL

Webpack.js Loader-utils < 1.4.1 - Prototype Pollution

CVE-2022-37614 CRITICAL

Mockery - Prototype Pollution

CVE-2022-37611 CRITICAL

Gh-pages < 5.0.0 - Prototype Pollution

CVE-2022-37617 CRITICAL

Browserify-shim < 3.8.16 - Prototype Pollution

CVE-2022-37609 CRITICAL

Js-beautify - Prototype Pollution

CVE-2022-37616 CRITICAL

Xmldom < 0.6.0 - Prototype Pollution

CVE-2022-21169 HIGH

Express Xss Sanitizer < 1.1.3 - Prototype Pollution

Previous Page 10 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy