Описание
Prototype Pollution in bodymen
The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a proto payload. Note: This vulnerability derives from an incomplete fix to CVE-2019-10792
Пакеты
Наименование
bodymen
npm
Затронутые версииВерсия исправления
>= 0.0.0
Отсутствует
Связанные уязвимости
CVSS3: 6.3
nvd
почти 4 года назад
The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. **Note:** This vulnerability derives from an incomplete fix to [CVE-2019-10792](https://security.snyk.io/vuln/SNYK-JS-BODYMEN-548897)