Description
Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.4.
Remediation
References
https://github.com/automattic/mongoose/commit/305ce4ff789261df7e3f6e72363d0703e025f80d
https://huntr.dev/bounties/1eef5a72-f6ab-4f61-b31d-fc66f5b4b467
Related Vulnerabilities
CVE-2020-7608 Vulnerability in npm package yargs-parser
CVE-2017-7561 Vulnerability in maven package org.jboss.resteasy:resteasy-jaxrs
CVE-2021-27405 Vulnerability in npm package @progfay/scrapbox-parser
CVE-2022-37265 Vulnerability in npm package steal
CVE-2022-1330 Vulnerability in maven package org.webjars.bowergithub.alvarotrigo:fullpage.js