Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2022-37265 CRITICAL

Steal - Prototype Pollution

CVE-2022-37258 CRITICAL

Steal - Prototype Pollution

CVE-2022-37264 CRITICAL

Steal - Prototype Pollution

CVE-2022-37266 CRITICAL

Steal - Prototype Pollution

CVE-2022-37257 CRITICAL

Steal - Prototype Pollution

CVE-2022-2625 HIGH

PostgreSQL - RCE

CVE-2022-25907 HIGH

Typescript Deep Merge < 2.0.2 - Prototype Pollution

CVE-2022-2564 CRITICAL

automattic/mongoose <6.4.6 - Info Disclosure

CVE-2022-31106 HIGH

Underscore.deep <0.5.3 - Prototype Pollution

CVE-2022-21231 HIGH

Deep-get-set - Prototype Pollution

CVE-2022-25871 MEDIUM

Querymen - Prototype Pollution

CVE-2022-21213 HIGH

Mout < 1.2.4 - Prototype Pollution

CVE-2022-25878 HIGH

Protobufjs < 6.11.3 - Prototype Pollution

CVE-2022-25862 MEDIUM

Sds - Prototype Pollution

CVE-2022-21190 HIGH

Mozilla Convict < 6.2.3 - Prototype Pollution

CVE-2022-25324 HIGH

Bignum - Prototype Pollution

CVE-2022-25301 HIGH

Jsgui-lang-essentials - Prototype Pollution

CVE-2022-25645 MEDIUM

Dset < 3.1.2 - Prototype Pollution

CVE-2022-22143 HIGH

convict <6.2.2 - Prototype Pollution

CVE-2022-21189 HIGH

Dexie < 3.2.2 - Prototype Pollution

CVE-2022-24279 HIGH

madlib-object-utils <0.1.8 - Prototype Pollution

CVE-2022-21803 HIGH

Nconf < 0.11.4 - Prototype Pollution

CVE-2022-1295 CRITICAL

Fullpage < 4.0.2 - Prototype Pollution

CVE-2022-24802 HIGH

Deepmerge-ts < 4.0.2 - Prototype Pollution

CVE-2022-26260 CRITICAL

Simple-Plist <1.3.0 - Info Disclosure

Previous Page 11 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy