Vulnerabilities > Improperly Controlled Modification of Dynamically-Determined Object Attributes
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-24 | CVE-2023-32079 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Gravitl Netmaker Netmaker makes networks with WireGuard. | 8.8 |
| 2021-11-19 | CVE-2021-23433 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Algolia Algoliasearch-Helper The package algoliasearch-helper before 3.6.2 are vulnerable to Prototype Pollution due to use of the merge function in src/SearchParameters/index.jsSearchParameters._parseNumbers without any protection against prototype properties. | 6.8 |
| 2021-10-18 | CVE-2021-23449 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in VM2 Project VM2 This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine. | 7.5 |
| 2021-08-11 | CVE-2021-23421 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Merge-Change Project Merge-Change All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function. | 7.5 |
| 2021-07-28 | CVE-2021-23417 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Deepmergefn Project Deepmergefn All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function. | 7.5 |
| 2021-07-07 | CVE-2021-25952 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Just-Safe-Set Project Just-Safe-Set Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution. | 7.5 |
| 2021-07-02 | CVE-2021-23403 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Ts-Nodash Project Ts-Nodash All versions of package ts-nodash are vulnerable to Prototype Pollution via the Merge() function due to lack of validation input. | 7.5 |
| 2021-07-02 | CVE-2021-23402 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Record-Like-Deep-Assign Project Record-Like-Deep-Assign All versions of package record-like-deep-assign are vulnerable to Prototype Pollution via the main functionality. | 7.5 |
| 2021-06-10 | CVE-2021-25948 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Expand-Hash Project Expand-Hash Prototype pollution vulnerability in 'expand-hash' versions 0.1.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. | 7.5 |
| 2021-06-10 | CVE-2021-25949 | Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Set-Getter Project Set-Getter 0.1.0 Prototype pollution vulnerability in 'set-getter' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. | 7.5 |