Description
All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867).
Remediation
References
https://snyk.io/vuln/SNYK-JS-QUERYMEN-2391488
Related Vulnerabilities
CVE-2022-0437 Vulnerability in npm package karma
CVE-2023-25827 Vulnerability in maven package net.opentsdb:opentsdb
CVE-2020-14340 Vulnerability in maven package org.jboss.xnio:xnio-api
CVE-2020-14966 Vulnerability in maven package org.webjars.bowergithub.kjur:jsrsasign
CVE-2023-22893 Vulnerability in npm package @strapi/plugin-users-permissions