CVE-2022-2564
npm/mongoose
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Prototype Pollution in GitHub repository automattic/mongoose prior to 6.4.6.
All versions before 5.13.15, all versions starting from 6.0.0 before 6.4.6
Upgrade to versions 5.13.15, 6.4.6 or above.
2022-08-04
source |