CVE-2018-16490

Опубликовано: 30 нояб. 2018

Источник: redhat

CVSS3: 4.2

EPSS Низкий

Описание

A prototype pollution vulnerability was found in module mpath <0.5.1 that allows an attacker to inject arbitrary properties onto Object.prototype.

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Mobile Application Platform 4	nodejs-mpath	Out of support scope

Показывать по

Статус:

Moderate

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1672396nodejs-mpath: prototype pollution in Object.prototype

EPSS

Процентиль: 40%

0.00186

Низкий

4.2 Medium

CVSS3

CVE-2018-16490

CVSS3: 7.5

nvd

около 7 лет назад

A prototype pollution vulnerability was found in module mpath <0.5.1 that allows an attacker to inject arbitrary properties onto Object.prototype.

GHSA-h466-j336-74wx