Описание
Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify
utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype.
Пакеты
Наименование
utilitify
npm
Затронутые версииВерсия исправления
< 1.0.3
1.0.3
Связанные уязвимости
CVSS3: 8.8
nvd
почти 6 лет назад
utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype.