Описание
Prototype Pollution in iniparserjs
This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.
Пакеты
Наименование
iniparserjs
npm
Затронутые версииВерсия исправления
<= 1.0.4
Отсутствует
Связанные уязвимости
CVSS3: 5.6
nvd
около 5 лет назад
This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.