Description
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The exploit has been disclosed to the public and may be used.
Recommendation
Update the rfc6902 package to the latest compatible version. Followings are version details:
- Affected version(s): < 5.0.0
- Patched version(s): 5.0.0
References
Related Issues
- rollbar vulnerable to Prototype Pollution in merge() - CVE-2025-62517
- Prototype Pollution in lodash (GHSA-p6mc-m468-83gw) 4 - CVE-2020-8203
- Prototype Pollution in lodash (GHSA-p6mc-m468-83gw) 3 - CVE-2020-8203
- Prototype Pollution in lodash (GHSA-p6mc-m468-83gw) 2 - CVE-2020-8203
- Tags:
- npm
- rfc6902
Anything's wrong? Let us know Last updated on January 25, 2024