Описание
jsonic was discovered to contain a prototype pollution via the function empty.
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
Пакеты
Наименование
jsonic
npm
Затронутые версииВерсия исправления
<= 2.12.1
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
больше 1 года назад
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function empty. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.