CVE-2021-25952
Improperly Controlled Modification of Dynamically-Determined Object Attributes in npm/just-safe-set
Identifiers
CVE-2021-25952
Package Slug
npm/just-safe-set
Vulnerability
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Description
Prototype pollution vulnerability in ‘just-safe-set’ allows an attacker to cause a denial of service and may lead to remote code execution.
Affected Versions
All versions starting from 1.0.0 up to 2.2.1
Solution
Upgrade to version 2.2.2 or above.
Last Modified
2021-07-12
| source |