Prototype Pollution
This affects the package com.graphhopper:graphhopper-web-bundle, from The URL parser could be tricked into adding or modifying properties of Object.prototype using a constructor or proto payload.
This affects the package com.graphhopper:graphhopper-web-bundle, from The URL parser could be tricked into adding or modifying properties of Object.prototype using a constructor or proto payload.
GraphHopper is an open-source Java routing engine. In GrassHopper there is a regular expression injection vulnerability that may lead to Denial of Service.