CVE-2021-23433

Improperly Controlled Modification of Dynamically-Determined Object Attributes in npm/algoliasearch-helper

Identifiers

CVE-2021-23433

Package Slug

npm/algoliasearch-helper

Vulnerability

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Description

The package algoliasearch-helper are vulnerable to Prototype Pollution due to use of the merge function.

Affected Versions

All versions before 3.6.2

Solution

Upgrade to version 3.6.2 or above.

Last Modified

2021-11-24

source