CVE-2021-41097: Improperly Controlled Modification of Dynamically-Determined Object Attributes

September 27, 2021 (updated September 30, 2022)

aurelia-path is part of the Aurelia platform and contains utilities for path manipulation. There is a prototype pollution vulnerability in aurelia-path.

References

github.com/aurelia/path/issues/44
nvd.nist.gov/vuln/detail/CVE-2021-41097

Code Behaviors & Features

Detect and mitigate CVE-2021-41097 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →