Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1321

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Parent: CWE-915 - Improperly Controlled Modification of Dynamically-Determined Object Attributes

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

501 vulnerabilities with CWE-1321

CVE-2024-39018 MEDIUM

cat5th key-serializer 0.2.5 - Prototype Pollution via Query Function

CVE-2024-39016 HIGH

che3vinci c3/utils-1 - Prototype Pollution

CVE-2024-39014 CRITICAL

cahil/utils <2.3.2 - Code Injection

CVE-2024-39013 CRITICAL

2o3t-utility <0.1.2 - Code Injection

CVE-2024-39008 CRITICAL

fast-loops < 1.1.4 - Prototype Pollution via objectMergeDeep Function

CVE-2024-39003 HIGH

amoyjs common v1.0.10 - Prototype Pollution via setValue Function

CVE-2024-39001 MEDIUM

ag-grid < 31.3.4 - Prototype Pollution via _ModuleSupport.jsonApply

CVE-2024-39000 MEDIUM

swiper - Prototype Pollution via Parse Function

CVE-2024-38999 CRITICAL

requirejs < 2.3.7 - Prototype Pollution via s.contexts._.configure Function

CVE-2024-38997 MEDIUM

ratio-swiper 0.0.2 - Prototype Pollution via extendDefaults Function

CVE-2024-38996 CRITICAL

ag-grid < 31.3.4 - Prototype Pollution via _.mergeDeep Function

CVE-2024-38994 HIGH

amoyjs common 1.0.10 - Prototype Pollution via extend Function

CVE-2024-38992 HIGH

airvertco frappejs 0.0.11 - Prototype Pollution via registerView Function

CVE-2024-38991 HIGH

akbr patch-into 1.0.1 - Prototype Pollution via patchInto Function

CVE-2024-38987 MEDIUM

aofl cli-lib 3.14.0 - Prototype Pollution via defaultsDeep Component

CVE-2024-36578 MEDIUM

akbr update <1.0.0 - Info Disclosure

CVE-2024-36577 HIGH

aphp js-object-resolver <3.1.1 - Info Disclosure

CVE-2024-36574 MEDIUM

flatten-json 1.0.1 - Prototype Pollution via unflattenJSON Function

CVE-2024-36573 CRITICAL

almela obx < 0.0.4 - Prototype Pollution via obx/build/index.js

CVE-2024-36582 CRITICAL

alexbinary object-deep-assign <1.0.11 - Info Disclosure

CVE-2024-36583 HIGH

Byond Real Accessor <=1.0.0 - Code Injection

CVE-2024-36580 CRITICAL

cdr0/sg 1.0.10 - Prototype Pollution

CVE-2024-21512 HIGH

mysql2 < 3.9.8 - Prototype Pollution via nestTables Input

CVE-2024-29651 HIGH

API Dev Tools json-schema-ref-parser <11.1.0 - RCE

CVE-2024-24293 HIGH

@bit/loader 10.0.3 - Prototype Pollution via M Function e Argument

Previous Page 8 of 21 Next

Details

Vulnerabilities 501

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy