Description
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.
Remediation
References
https://hackerone.com/reports/778414
Related Vulnerabilities
CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core-war
CVE-2020-7663 Vulnerability in maven package org.webjars.npm:websocket-extensions
CVE-2022-2063 Vulnerability in npm package nocodb
CVE-2021-23391 Vulnerability in npm package calipso
CVE-2023-24057 Vulnerability in maven package org.hl7.fhir.publisher:org.hl7.fhir.publisher.core