Описание
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:richardrodger:jsonic:2.12.1:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 6.3
github
больше 1 года назад
rjrodger jsonic-next v2.12.1 was discovered to contain a prototype pollution via the function util.clone. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
EPSS
Процентиль: 31%
0.00117
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-94