GHSA-4r97-78gf-q24v

Описание

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-8f89-2fwj-5v5r. This link is maintained to preserve external references.

Original Description

Versions of klona prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modification of an Object's prototype when cloning objects, which may allow an attacker to add or modify an existing property that will exist on all objects.

Recommendation

Upgrade to version 1.1.1 or later.