← voltar
CVE-2022-25301

Prototype Pollution

CVSS 7.7 HIGHEPSS 1.2%
All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H/E:P
Produtos afetados
n/a · jsgui-lang-essentials

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/metabench/jsgui-lang-essentials/issues/1https://snyk.io/vuln/SNYK-JS-JSGUILANGESSENTIALS-2316897