Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nconf project nconf vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-21803
This affects the package nconf prior to 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set() function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By pro...
Nconf Project Nconf
7.5
CVSSv2
CVE-2021-25946
Prototype pollution vulnerability in `nconf-toml` versions 0.0.1 up to and including 0.0.2 allows an malicious user to cause a denial of service and may lead to remote code execution.
Nconf-toml Project Nconf-toml
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started