CVE-2018-16472
CVE-2018-16472
In short
A flaw in cached-path-relative library allows attackers to inject malicious properties into JavaScript's core Object prototype, causing the application to crash or behave unpredictably.
Technical detail
Prototype pollution vulnerability in cached-path-relative ≤1.0.1 enables an attacker to modify Object.prototype through crafted input, resulting in property inheritance across all JS objects and triggering denial of service conditions.
Summary generated and translated by AI from the official description.
A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack.
Affected products
npm · cached-path-relativeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →