Описание
Uncontrolled Resource Consumption in fun-map
fun-map through 3.3.1 is vulnerable to Prototype Pollution. The function assocInM could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload.
Пакеты
Наименование
fun-map
npm
Затронутые версииВерсия исправления
<= 3.3.1
Отсутствует
Связанные уязвимости
CVSS3: 8.1
nvd
почти 6 лет назад
fun-map through 3.3.1 is vulnerable to Prototype Pollution. The function assocInM could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.