CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes (\'Prototype Pollution\')

Description

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

Latest vulnerabilities for CWE-1321

Prototype pollution in IBM App Connect Enterprise Certified Container 2023-05-25
Critical Yes

Improperly controlled modification of object prototype attributes in IBM App Connect Enterprise and IBM Integration Bus 2023-05-24
Medium Yes

Prototype pollution in Dexie.js 2023-05-16
Medium Yes

Multiple vulnerabilities in IBM Voice Gateway 2023-05-09
Medium Yes

Prototype pollution in IBM App Connect Enterprise Certified Container 2023-05-01
Medium Yes

Multiple vulnerabilities in Oracle Linux 2023-04-24
High Yes

Denial of service in Mozilla Thunderbird 2023-03-29
Medium Yes

Denial of service in Matrix Javascript SDK 2023-03-29
Medium Yes

References

Description of CWE-1321 on Mitre website