CVE-2022-2564

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in npm/mongoose

Identifiers

CVE-2022-2564

Package Slug

npm/mongoose

Vulnerability

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Description

Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6.

Affected Versions

All versions before 6.4.6

Solution

Upgrade to version 6.4.6 or above.

Last Modified

2022-08-04

source