CVE-2021-23448

Improper Control of Dynamically-Managed Code Resources in npm/config-handler

Identifiers

CVE-2021-23448

Package Slug

npm/config-handler

Vulnerability

Improper Control of Dynamically-Managed Code Resources

Description

All versions of package config-handler are vulnerable to Prototype Pollution when loading config files.

Affected Versions

Version 1.0.0

Solution

Upgrade to version 1.0.1 or above.

Last Modified

2021-10-22

source