CVE-2021-23448
Improper Control of Dynamically-Managed Code Resources in npm/config-handler
Identifiers
CVE-2021-23448
Package Slug
npm/config-handler
Vulnerability
Improper Control of Dynamically-Managed Code Resources
Description
All versions of package config-handler is vulnerable to Prototype Pollution when loading config files.
Affected Versions
Version 1.0.0
Solution
Upgrade to version 1.0.1 or above.
Last Modified
2021-10-22
| source |