Description
A vulnerability classified as problematic has been found in chbrown rfc6902. This affects an unknown part of the file pointer.ts. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’). The exploit has been disclosed to the public and may be used.
Recommendation
Update the rfc6902 package to the latest compatible version. Followings are version details:
- Affected version(s): < 5.0.0
- Patched version(s): 5.0.0
References
Related Issues
- dustjs-linkedin vulnerable to Prototype Pollution - CVE-2021-4264
- Baobab vulnerable to Prototype Pollution - CVE-2021-4307
- MrSwitch hello.js vulnerable to prototype pollution - CVE-2021-26505
- parse is vulnerable to prototype pollution - CVE-2025-57324
- Tags:
- npm
- rfc6902
Anything's wrong? Let us know Last updated on January 25, 2024