CVE-2022-37265, GHSA-wc4x-qmr2-rj8h
npm/steal
steal vulnerable to Prototype Pollution via alias variable
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js.
Version 2.2.4
Upgrade to version 2.3.0 or above.
2022-09-22
source |