CVE-2021-23448
npm/config-handler
Improper Control of Dynamically-Managed Code Resources
All versions of package config-handler is vulnerable to Prototype Pollution when loading config files.
Version 1.0.0
Upgrade to version 1.0.1 or above.
2021-10-22
source |