Description
Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 4.0.1
References
Related Issues
- qs vulnerable to Prototype Pollution - CVE-2022-24999
- steal vulnerable to Prototype Pollution via requestedVersion variable - CVE-2022-37257
- thlorenz browserify-shim vulnerable to prototype pollution - browserify-shim - GHSA-cfgr-75jx-h88g - CVE-2022-37623
- thlorenz browserify-shim vulnerable to prototype pollution - browserify-shim - CVE-2022-37621
You might also like:
- Tags:
- npm
- grunt-karma
Anything's wrong? Let us know Last updated on October 19, 2023


