CVE-2022-37264
npm/steal
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js.
Version 2.2.4
Upgrade to version 2.3.0 or above.
2022-09-20
source |