Prototype Pollution

2020-03-1204:22:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

44.2%

utilitify causes prototype pollution. The vulnerability exists as it allows the __proto__ property to be merged through the mergeDeep function.

CPENameOperatorVersion
utilitifyle1.0.2
utilitifyle1.0.2

CPE	Name	Operator	Version
	utilitify	le	1.0.2
	utilitify	le	1.0.2

References

github.com/xcritical-software/utilitify/commit/88d6e27009823338bf319ffb768fe6b08e8ad2d1

github.com/xcritical-software/utilitify/commit/88d6e27009823338bf319ffb768fe6b08e8ad2d1,

github.com/xcritical-software/utilitify/pull/22

0.001 Low

EPSS

Percentile

44.2%

Related for VERACODE:22676