CVE-2020-28499 – All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge . … – ITTS

CVE-2020-28499 – All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge . …

18 February 2021

Vuln ID: CVE-2020-28499

Published: 2021-02-18 16:15:13Z

Description: All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge .

Source: NVD.NIST.GOV

Date:

18 February 2021

Categorie(s):

Tag(s):

Dependency confusion vulnerability impacts archived Apache project24 April 2024
Proposed FTC commercial surveillance rules expected soon24 April 2024
Improved ransomware attack response aimed by Veeam’s Coveware purchase24 April 2024
Elusive group ToddyCat refines techniques for large-scale data theft24 April 2024
Coalition reveals uptick in cyber insurance claims driven by ransomware in 202324 April 2024