Prototype Pollution in madlib-object-utils - madlib-object-utils

Description

madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue.

Recommendation

Update the madlib-object-utils package to the latest compatible version. Followings are version details:

• Affected version(s): < 0.1.7
• Patched version(s): 0.1.7

References

• GHSA-jvf5-q4h5-2jmj
• snyk.io
• CVE-2020-7701
• CWE-1321
• CWE-915
• CAPEC-310
• OWASP 2021-A6
• OWASP 2021-A8

Related Issues

• Prototype Pollution in madlib-object-utils - CVE-2022-24279
• Prototype Pollution in Ajv - CVE-2020-15366
• shvl vulnerable to prototype pollution - CVE-2020-28278
• Prototype Pollution in node-forge - CVE-2020-7720

You might also like:

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:

npm

madlib-object-utils