Description

Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3.

Remediation

References

https://github.com/antfu/utils/commit/7f8b16c6181c988bdb96613fbb2533b345f68682

https://huntr.dev/bounties/009f1cd9-401c-49a7-bd08-be35cff6faef

Related Vulnerabilities

CVE-2020-28491 Vulnerability in maven package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor

CVE-2018-6356 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2023-50721 Vulnerability in maven package org.xwiki.platform:xwiki-platform-search-ui

CVE-2008-1285 Vulnerability in maven package javax.faces:jsf-impl

CVE-2023-48218 Vulnerability in npm package strapi-plugin-protected-populate

Severity

Critical

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Patch Exploit NVD-CWE-noinfo