GHSA-8qm3-746x-r74r

ADVISORY - github

Summary

Under certain circumstances, unevaling untrusted data can produce output code that will create objects with polluted prototypes when later evaled, meaning the output data can be a different shape from the input data.

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-1321⁠

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Impacted images

Advisories

GitHub

CREATED

24 hours ago

UPDATED

24 hours ago

ADVISORY IDGHSA-8qm3-746x-r74r⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1321⁠

CVSS SCORE

2.1low