CVE-2020-8268
Improper Input Validation in npm/json8-merge-patch
Identifiers
CVE-2020-8268
Package Slug
npm/json8-merge-patch
Vulnerability
Improper Input Validation
Description
Prototype pollution vulnerability in json8-merge-patch npm package may allow attackers to inject or modify methods and properties of the global object constructor.
Affected Versions
All versions before 1.0.3
Solution
Upgrade to version 1.0.3 or above.
Last Modified
2020-11-20
| source |