Описание
spmrc vulnerable to prototype pollution
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.
Пакеты
Наименование
spmrc
npm
Затронутые версииВерсия исправления
<= 1.2.0
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
5 месяцев назад
spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.