Prototype pollution in 101

Severity:: High

Description

Prototype pollution vulnerability in ‘101’ versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution.

Recommendation

No fix is available yet. Followings are affected versions:

>= 1.0.0, <= 1.6.3

References

GHSA-cwcx-rxgc-cmw3
www.whitesourcesoftware.com
CVE-2021-25943
CWE-1321
CAPEC-310
OWASP 2021-A6

Related Issues

MrSwitch hello.js vulnerable to prototype pollution - CVE-2021-26505
npm package rfc6902 vulnerable to Prototype Pollution - CVE-2021-4245
Starcounter-Jack JSON-Patch Prototype Pollution vulnerability - CVE-2021-4279
Prototype Pollution in sey - CVE-2021-23663

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:: npm; 101

Anything's wrong? Let us know Last updated on May 01, 2025