Description
All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867).
Remediation
References
https://snyk.io/vuln/SNYK-JS-QUERYMEN-2391488
Related Vulnerabilities
CVE-2021-43843 Vulnerability in npm package jsx-slack
CVE-2022-25231 Vulnerability in npm package node-opcua
CVE-2020-9488 Vulnerability in maven package org.apache.logging.log4j:log4j-core
CVE-2022-36906 Vulnerability in maven package org.jenkins-ci.plugins:openshift-deployer
CVE-2023-45280 Vulnerability in maven package org.yamcs:yamcs-core