PT-2026-57909 · Antv · Xlayout

Dremig

·

Publicado

2026-07-13

·

Atualizado

2026-07-13

·

CVE-2026-15598

CVSS v2.0

6.5

Média

VetorAV:N/AC:L/Au:S/C:P/I:P/A:P
A weakness has been identified in antv layout 2.0.0. This impacts the function setNestedValue in the library lib/util/object.js. Executing a manipulation of the argument path can lead to improperly controlled modification of object prototype attributes. The attack can be launched remotely. The project was informed of the problem early through an issue report but has not responded yet.

Correção

Code Injection

Prototype Pollution

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-15598

Produtos afetados

Xlayout