CVE-2022-37614: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

October 12, 2022 (updated October 14, 2022)

Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js.

References

github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js
github.com/mfncooper/mockery/blob/822f0566fd6d72af8c943ae5ca2aa92e516aa2cf/mockery.js
github.com/mfncooper/mockery/issues/77
nvd.nist.gov/vuln/detail/CVE-2022-37614

Detect and mitigate CVE-2022-37614 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →