Description
All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype.
Remediation
References
https://github.com/metabench/jsgui-lang-essentials/issues/1
https://snyk.io/vuln/SNYK-JS-JSGUILANGESSENTIALS-2316897
Related Vulnerabilities
CVE-2022-22968 Vulnerability in maven package org.springframework:spring-context
CVE-2022-25926 Vulnerability in npm package window-control
CVE-2022-36034 Vulnerability in npm package nitrado.js
CVE-2019-10754 Vulnerability in maven package org.apereo.cas:cas-server-support-oauth-core-api
CVE-2021-39152 Vulnerability in maven package com.thoughtworks.xstream:xstream