0.001 Low
EPSS
Percentile
38.8%
confinit is vulnerable to prototype pollution. The vulnerability exists because the function setDeepProperty allows the manipulation of properties of Object.prototype as it accepts the __proto__ payload.
setDeepProperty
Object.prototype
__proto__
github.com/davideicardi/confinit/commit/a34e06ca5c1c8b047ef112ef188b2fe30d2a1eab