CVE-2022-37264
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in npm/steal
Identifiers
CVE-2022-37264
Package Slug
npm/steal
Vulnerability
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Description
Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js.
Affected Versions
Version 2.2.4
Solution
Upgrade to version 2.3.0 or above.
Last Modified
2022-09-20
| source |