CVE-2021-3815: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

December 8, 2021 (updated December 10, 2021)

utils.js is vulnerable to Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’)

References

github.com/fabiocaccamo/utils.js/commit/102efafb291ce1916985514440d3bf8a6826890a
huntr.dev/bounties/20f48c63-f078-4173-bcac-a9f34885f2c0
nvd.nist.gov/vuln/detail/CVE-2021-3815

Detect and mitigate CVE-2021-3815 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →