CVE-2021-20089

Prototype Pollution in npm/purl

Identifiers

CVE-2021-20089

Package Slug

npm/purl

Vulnerability

Prototype Pollution

Description

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in purl allows a malicious user to inject properties into Object.prototype.

Affected Versions

Version 2.3.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-05-03

source