CVE-2021-3645

Prototype Pollution in viking04/merge

CVSS 6.8 MEDIUMEPSS 1.4%CWE-1321

merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected products

viking04 · viking04/merge

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/viking04/merge/commit/baba40332080b38b33840d2614df6d4142dedaf6 https://huntr.dev/bounties/ef387a9e-ca3c-4c21-80e3-d34a6a896262