{"vulnerability": "cve-2019-1079", "sightings": [{"uuid": "c295ed45-aad2-49e9-acdf-895e7eaa3426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10791", "type": "seen", "source": "https://t.me/arpsyndicate/4753", "content": "#ExploitObserverAlert\n\nCVE-2019-10791\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2019-10791. promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization.\n\nFIRST-EPSS: 0.004810000\nNVD-IS: 5.9\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7192889", "creation_timestamp": "2024-04-23T18:03:19.000000Z"}, {"uuid": "7e951ae1-da16-4264-bf29-b34d2bf34c1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10792", "type": "seen", "source": "https://t.me/cibsecurity/39138", "content": "\u203c CVE-2022-25296 \u203c\n\nThe package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. **Note:** This vulnerability derives from an incomplete fix to [CVE-2019-10792](https://security.snyk.io/vuln/SNYK-JS-BODYMEN-548897)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T15:21:39.000000Z"}]}