Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

473 vulnerabilities with CWE-1321

CVE-2024-39013 CRITICAL

2o3t-utility <0.1.2 - Code Injection

CVE-2024-39008 CRITICAL

NPM Fast-loops < 1.1.4 - Prototype Pollution

CVE-2024-39003 HIGH

Amoyjs Common - Prototype Pollution

CVE-2024-39001 MEDIUM

Ag-grid < 31.3.4 - Prototype Pollution

CVE-2024-39000 MEDIUM

Swiper - Prototype Pollution

CVE-2024-38999 CRITICAL

NPM Requirejs < 2.3.7 - Prototype Pollution

CVE-2024-38997 MEDIUM

Swiper - Prototype Pollution

CVE-2024-38996 CRITICAL

Ag-grid < 31.3.4 - Prototype Pollution

CVE-2024-38994 HIGH

Amoyjs Common - Prototype Pollution

CVE-2024-38992 HIGH

Airvertco Frappejs - Prototype Pollution

CVE-2024-38991 HIGH

Akbr Patch-into - Prototype Pollution

CVE-2024-38987 MEDIUM

Aofl Cli-lib - Prototype Pollution

CVE-2024-36578 MEDIUM

akbr update <1.0.0 - Info Disclosure

CVE-2024-36577 HIGH

aphp js-object-resolver <3.1.1 - Info Disclosure

CVE-2024-36574 MEDIUM

flatten-json <1.0.1 - RCE

CVE-2024-36573 CRITICAL

almela obx < v.0.0.4 - RCE

CVE-2024-36582 CRITICAL

alexbinary object-deep-assign <1.0.11 - Info Disclosure

CVE-2024-36583 HIGH

Byond Real Accessor <=1.0.0 - Code Injection

CVE-2024-36580 CRITICAL

cdr0 sg 1.0.10 - Code Injection

CVE-2024-21512 HIGH

NPM Mysql2 < 3.9.8 - Prototype Pollution

CVE-2024-29651 HIGH

API Dev Tools json-schema-ref-parser <11.1.0 - RCE

CVE-2024-24293 HIGH

BIT Loader - Prototype Pollution

CVE-2024-34273 MEDIUM

njwt <v0.4.0 - Info Disclosure

CVE-2024-34698 MEDIUM

Freescout < 1.8.139 - Prototype Pollution

CVE-2024-34148 MEDIUM

Jenkins Subversion Partial Release Manager Plugin <1.0.1 - RCE

Previous Page 7 of 19 Next

Details

Vulnerabilities 473

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy