← volver
CVE-2022-25301

Prototype Pollution

CVSS 7.7 HIGHEPSS 1.2%
All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H/E:P
Productos afectados
n/a · jsgui-lang-essentials

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/metabench/jsgui-lang-essentials/issues/1https://snyk.io/vuln/SNYK-JS-JSGUILANGESSENTIALS-2316897